biotrendies.com Open in urlscan Pro
2606:4700:3030::ac43:ac5b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://biotrendies.com/
Effective URL:
https://biotrendies.com/
Submission Tags: socgholish
Submission: On December 09 via manual (December 9th 2022, 12:53:27 am UTC) from US — Scanned from DE

Summary HTTP 217 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 73 IPs in 7 countries across 65 domains to perform 217 HTTP transactions. The main IP is 2606:4700:3030::ac43:ac5b, located in United States and belongs to CLOUDFLARENET, US. The main domain is biotrendies.com.
TLS certificate: Issued by E1 on November 28th 2022. Valid for: 3 months.

This is the only time biotrendies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:3fe2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:303... 2606:4700:3030::ac43:ac5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	91.208.197.151 91.208.197.151	200019 (ALEXHOST) (ALEXHOST)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:297::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.16 13.32.27.16	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
8	184.86.251.220 184.86.251.220	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	52.58.214.36 52.58.214.36	16509 (AMAZON-02) (AMAZON-02)
5 5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	3.66.71.88 3.66.71.88	16509 (AMAZON-02) (AMAZON-02)
4 6	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:238... 2600:9000:238c:1a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	99.81.68.255 99.81.68.255	16509 (AMAZON-02) (AMAZON-02)
3 3	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
15	146.20.128.67 146.20.128.67	27357 (RACKSPACE) (RACKSPACE)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3 3	54.237.254.37 54.237.254.37	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
12	146.20.132.185 146.20.132.185	27357 (RACKSPACE) (RACKSPACE)
4	69.20.43.192 69.20.43.192	27357 (RACKSPACE) (RACKSPACE)
2	37.157.4.23 37.157.4.23	() ()
12	23.35.236.201 23.35.236.201	() ()
1	2600:9000:238... 2600:9000:238d:4c00:15:6f6c:b180:93a1	() ()
1	88.221.168.189 88.221.168.189	() ()
3 8	185.89.211.84 185.89.211.84	() ()
1	52.16.195.255 52.16.195.255	() ()
2	185.64.189.115 185.64.189.115	() ()
1	18.200.80.180 18.200.80.180	() ()
5	34.250.30.250 34.250.30.250	() ()
1	34.231.237.27 34.231.237.27	() ()
1	18.158.8.202 18.158.8.202	() ()
2 2	104.18.33.19 104.18.33.19	() ()
1	35.186.253.211 35.186.253.211	() ()
1 1	198.148.27.140 198.148.27.140	() ()
1 1	213.19.147.44 213.19.147.44	() ()
1	69.166.1.12 69.166.1.12	() ()
2 2	185.94.180.125 185.94.180.125	() ()
1 2	2600:1f18:612... 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c	() ()
1	13.248.245.213 13.248.245.213	() ()
1	34.240.38.30 34.240.38.30	() ()
1	185.86.139.103 185.86.139.103	() ()
1 2	35.186.194.101 35.186.194.101	() ()
1	52.28.99.48 52.28.99.48	() ()
3 4	37.157.2.234 37.157.2.234	() ()
2 2	185.29.134.244 185.29.134.244	() ()
4	185.64.190.80 185.64.190.80	() ()
2 2	213.155.156.184 213.155.156.184	() ()
4	185.64.189.110 185.64.189.110	() ()
1	178.250.0.163 178.250.0.163	() ()
1 2	67.220.224.144 67.220.224.144	() ()
2	198.47.127.20 198.47.127.20	() ()
1 1	141.94.171.213 141.94.171.213	() ()
2	35.71.131.137 35.71.131.137	() ()
1	35.204.158.49 35.204.158.49	() ()
1	185.64.190.75 185.64.190.75	() ()
2	185.64.189.221 185.64.189.221	() ()
1 1	85.114.159.93 85.114.159.93	() ()
1	2606:4700:10:... 2606:4700:10::ac43:db6	() ()
1	98.98.134.243 98.98.134.243	() ()
217	73

1 2606:4700:3033::6815:3fe2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

biotrendies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3030::ac43:ac5b (United States)

ASN13335 (CLOUDFLARENET, US)

biotrendies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.208.197.151 (Moldova)

ASN200019 (ALEXHOST, MD)
PTR: app.liqquile.com

perspective.cdsignner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:297::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-16.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.86.251.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-220.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.214.36 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-214-36.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.71.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.0.31 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238c:1a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.68.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-68-255.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.223.115 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.20.128.67 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.237.254.37 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-254-37.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 146.20.132.185 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (None, )

ASN- ()

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.35.236.201 (None, )

ASN- ()

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:238d:4c00:15:6f6c:b180:93a1 (None, )

ASN- ()

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.168.189 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.84 (None, ) 3 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.195.255 (None, )

ASN- ()

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.80.180 (None, )

ASN- ()

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.250.30.250 (None, )

ASN- ()

sync.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.237.27 (None, )

ASN- ()

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.8.202 (None, )

ASN- ()

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN- ()

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (None, ) 1 redirects

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (None, ) 1 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (None, ) 2 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c (None, ) 1 redirects

ASN- ()

pbs.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.38.30 (None, )

ASN- ()

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.103 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (None, ) 1 redirects

ASN- ()

sync.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.99.48 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.224.144 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.213 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.75 (None, )

ASN- ()

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.221 (None, )

ASN- ()

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (None, )

ASN- ()

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	lkqd.net ad.lkqd.net — Cisco Umbrella Rank: 20683 v.lkqd.net — Cisco Umbrella Rank: 7976 Failed cs.lkqd.net — Cisco Umbrella Rank: 2769 t.lkqd.net — Cisco Umbrella Rank: 16929	151 KB
30	biotrendies.com 1 redirects biotrendies.com	815 KB
27	pubmatic.com vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com vid.pubmatic.com st.pubmatic.com aud.pubmatic.com Failed	165 KB
12	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 74	137 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	208 KB
9	adnxs.com 3 redirects acdn.adnxs.com ib.adnxs.com	25 KB
8	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 622	10 KB
7	springserve.com vpaid.springserve.com vid.springserve.com sync.springserve.com	95 KB
6	adform.net 3 redirects adx.adform.net c1.adform.net	3 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 26 region1.google-analytics.com — Cisco Umbrella Rank: 2554	22 KB
5	yahoo.com 3 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279 pr-bh.ybp.yahoo.com Failed	1008 B
5	gstatic.com fonts.gstatic.com www.gstatic.com	250 KB
5	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 880	95 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	1 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	200 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 629 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 891 in.hotjar.com — Cisco Umbrella Rank: 1676	73 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
3	stackadapt.com 3 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 682	1 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 714	1 KB
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 764	579 B
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 925 pixel.quantserve.com — Cisco Umbrella Rank: 671 cms.quantserve.com	11 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2561 log.pinterest.com — Cisco Umbrella Rank: 3531	19 KB
3	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 21779 a.vidoomy.com — Cisco Umbrella Rank: 8251	6 KB
2	adsrvr.org match.adsrvr.org	529 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	2 KB
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	smartclip.net 1 redirects sync.sxp.smartclip.net	452 B
2	tremorhub.com 1 redirects pbs.publishers.tremorhub.com	542 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8575 www.google.de — Cisco Umbrella Rank: 6073	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	203 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	143 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 300 fonts.googleapis.com — Cisco Umbrella Rank: 36	32 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 738	31 KB
1	sitescout.com pixel-sync.sitescout.com	191 B
1	zeotap.com mwzeom.zeotap.com	382 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	524 B
1	simpli.fi um.simpli.fi	612 B
1	onaudience.com 1 redirects pixel.onaudience.com	418 B
1	criteo.com dis.criteo.com	363 B
1	sharethrough.com match.sharethrough.com	35 B
1	smartadserver.com ssbsync.smartadserver.com	45 B
1	yieldmo.com ads.yieldmo.com	35 B
1	3lift.com eb2.3lift.com	140 B
1	sonobi.com sync.go.sonobi.com	533 B
1	1rx.io 1 redirects sync.1rx.io	218 B
1	contextweb.com 1 redirects bh.contextweb.com	465 B
1	openx.net rtb.openx.net	350 B
1	advertising.com 1 redirects pixel.advertising.com	282 B
1	emxdgt.com cs.emxdgt.com	55 B
1	bfmio.com sync.bfmio.com	78 B
1	gumgum.com rtb.gumgum.com	211 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 863	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 837	699 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	28 KB
1	cdsignner.com perspective.cdsignner.com — Cisco Umbrella Rank: 732409	145 B
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	scoota.co Failed r.scoota.co Failed
0	audrte.com Failed a.audrte.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	yieldpass.com Failed cdn.yieldpass.com Failed
217	65

	Domain	Requested by
30	biotrendies.com	1 redirects biotrendies.com
15	cs.lkqd.net	ad.lkqd.net
12	t.lkqd.net	ad.lkqd.net
8	ib.adnxs.com	3 redirects vpaid.springserve.com acdn.adnxs.com
8	ads.stickyadstv.com	biotrendies.com ad.lkqd.net
6	ads.pubmatic.com	vpaid.pubmatic.com vid.springserve.com ads.pubmatic.com
6	vpaid.pubmatic.com	ad.lkqd.net vpaid.springserve.com blank
6	ad.lkqd.net	biotrendies.com ad.lkqd.net
6	pagead2.googlesyndication.com	biotrendies.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	sync.springserve.com
5	ups.analytics.yahoo.com	3 redirects
5	cm.g.doubleclick.net	5 redirects
5	www.google-analytics.com	biotrendies.com www.google-analytics.com
5	use.fontawesome.com	biotrendies.com use.fontawesome.com
4	image2.pubmatic.com	ads.pubmatic.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	v.lkqd.net	ad.lkqd.net
4	x.bidswitch.net	3 redirects
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	connect.facebook.net	biotrendies.com connect.facebook.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	sync.srv.stackadapt.com	3 redirects ads.pubmatic.com
3	ad.turn.com	3 redirects
3	csync.loopme.me	3 redirects
3	www.google.com	biotrendies.com tpc.googlesyndication.com
2	st.pubmatic.com
2	match.adsrvr.org	ads.pubmatic.com
2	image4.pubmatic.com	ads.pubmatic.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	sync.sxp.smartclip.net	1 redirects
2	pbs.publishers.tremorhub.com	1 redirects
2	sync.search.spotxchange.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	image6.pubmatic.com	ads.pubmatic.com
2	adx.adform.net	ad.lkqd.net
2	www.facebook.com	biotrendies.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	a.vidoomy.com	biotrendies.com
2	www.googletagmanager.com	biotrendies.com www.googletagmanager.com
2	assets.pinterest.com	biotrendies.com assets.pinterest.com
2	maxcdn.bootstrapcdn.com	biotrendies.com
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	vid.pubmatic.com	vpaid.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	match.sharethrough.com
1	ssbsync.smartadserver.com
1	ads.yieldmo.com
1	eb2.3lift.com
1	sync.go.sonobi.com
1	sync.1rx.io	1 redirects
1	bh.contextweb.com	1 redirects
1	rtb.openx.net
1	pixel.advertising.com	1 redirects
1	cs.emxdgt.com
1	sync.bfmio.com
1	rtb.gumgum.com	vid.springserve.com
1	vid.springserve.com	vpaid.springserve.com
1	acdn.adnxs.com	vpaid.springserve.com
1	vpaid.springserve.com	ad.lkqd.net
1	pixel.quantserve.com	biotrendies.com
1	log.pinterest.com	biotrendies.com
1	in.hotjar.com	script.hotjar.com
1	www.google.de	biotrendies.com
1	rules.quantcount.com	secure.quantserve.com
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	secure.quantserve.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	static.hotjar.com	biotrendies.com
1	www.googletagservices.com	biotrendies.com
1	perspective.cdsignner.com	biotrendies.com
1	fonts.googleapis.com	biotrendies.com
1	ajax.googleapis.com	biotrendies.com
1	ads.vidoomy.com	biotrendies.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	pr-bh.ybp.yahoo.com Failed	ads.pubmatic.com
0	r.scoota.co Failed	ads.pubmatic.com
0	a.audrte.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	aud.pubmatic.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	ads.pubmatic.com
0	cdn.yieldpass.com Failed	biotrendies.com
217	98

This site contains links to these domains. Also see Links.

Domain
playsafecl.com
beauty.biotrendies.com
www.summonpress.com
www.biotrendies.com

Subject Issuer	Validity	Valid
*.biotrendies.com E1	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
perspective.cdsignner.com ZeroSSL RSA Domain Secure Site CA	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
ad.lkqd.net R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.springserve.com Amazon	`2022-03-31` - `2023-04-29`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.bfmio.com Amazon	`2022-04-16` - `2023-05-15`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://biotrendies.com/
Frame ID: 7E7F4584A0FBC4E453ED611DC89462D0
Requests: 102 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B2D964D2950ECCB27BF72A6EE1CBE421
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 01901DBACE54C4643E3C956B3563C3C1
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221130/r20190131/zrt_lookup.html
Frame ID: D8C8841EDA5A17ED58A96C0C581C18C7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: FD851CD5E577734E1FFDD6448A33BFB0
Requests: 1 HTTP requests in this frame

Frame: https://36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6DDDBBEE0594A475FF2DF67177FC9BE1
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A2A1EF31E886FCE506126A7BDA6C2EE4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9671774946167201&output=html&adk=1812271804&adf=3025194257&lmt=1670547200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fbiotrendies.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670547199749&bpp=4&bdt=532&idt=324&shv=r20221130&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7000165271034&frm=20&pv=2&ga_vid=856531091.1670547200&ga_sid=1670547200&ga_hid=234557798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760911%2C31071220%2C44779793&oid=2&pvsid=960757076349717&tmod=793297497&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338
Frame ID: 77DDC0ECADF3612BF76EA77DA6F52426
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: DC6F92957093E9845F9374F8A705D132
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 08A26F570B69202065752CD1ECE244F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4952A10EAA9AC30EB49AF694A958A71E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86EFF7D66B75CA8C05992A42071258E0
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2888311F07B6F92CC97F9EB7562378E5
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6135E0DF78A0279B5AB5A33E883D8947
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A6B6D97CFD91CB9F55AADD940C9FED16
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 023F57084D075DB0424E94D8D6FFE142
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6EF78540093E27E2A7E1D91211DF3914
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Frame ID: 130F09436227F17529AFF4298CD8F914
Requests: 26 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 40C73DEDAA96BAF9092250AA2E8B6AC5
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Frame ID: 8C9AB30E14A802256A9504E88AB2D2DE
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CB645F6B58053A7C3196A7909A51FEA9
Requests: 10 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: BE07E403E40CA9DD585BBDB9F2C20DED
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: B7A4B4A032B2F917BED27DF4DA6220EE
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=
Frame ID: 42956321C7C60BA238B338B099DDD4F6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:095d6392-8706-4c00-9f30-f20d4e287ca5&gdpr=0&gdpr_consent=
Frame ID: DEF540BCFA5C80451E81ABC49E6325E5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7271886883554642821
Frame ID: D21B649C26448546D1853CB538F998DB
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 84290D37FA2B219C893D0CB7D8DFE9F6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B3A976EF7C9C3B9C1C59282F1D86BC4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4477619247011178657&gdpr=0&gdpr_consent=
Frame ID: B8FCFA65C1E2BE690FC2A03EB85B0F62
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Frame ID: FC32B2D0E2EA1B0982B93BFB3CD5B7BF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 309F5A82D82E5CE590BC8EE7D73F3027
Requests: 11 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gjr7FIw-8heZPqRC0DjvHtA68hSZa_dHgT-HZNyd
Frame ID: 02ED1ED6BD99731F709867A5E38113FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174945620495431821&gdpr=0&gdpr_consent=
Frame ID: 5F6F67368D97D377A14D3094CE94B65C
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 1C89BAC89BB1DEB09B997994D46419B9
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: 8F34CA7C84B038560D3316C6BA5795D9
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 76A76FA0EA8E65D9087DA2DAAA03B8EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Biotrendies | Alimentación saludable y consejos de nutrición

Page URL History Show full URLs

http://biotrendies.com/ HTTP 301
https://biotrendies.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

217
Requests

82 %
HTTPS

36 %
IPv6

65
Domains

98
Subdomains

73
IPs

7
Countries

2522 kB
Transfer

7212 kB
Size

28
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://playsafecl.com/metodos-de-pago-casino/casinos-cuenta-rut/
Title: Casino Online Chile Cuenta Rut

Search URL Search Domain Scan URL

URL: https://beauty.biotrendies.com/
Title: Beauty

Search URL Search Domain Scan URL

URL: http://www.summonpress.com/politica-de-cookies
Title: Política de cookies

Search URL Search Domain Scan URL

URL: https://www.biotrendies.com/
Title: BIOTrendies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://biotrendies.com/ HTTP 301
https://biotrendies.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=241850124.233082831152416092.81926015 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=241850124.233082831152416092.81926015 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=ab5f50e8-b485-4237-93e5-551b3ad984ba&google_hm=YWI1ZjUwZTgtYjQ4NS00MjM3LTkzZTUtNTUxYjNhZDk4NGJh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=ab5f50e8-b485-4237-93e5-551b3ad984ba&google_hm=YWI1ZjUwZTgtYjQ4NS00MjM3LTkzZTUtNTUxYjNhZDk4NGJh&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJO98JY6-9GtGy-Azup5iSw&google_cver=1&ssp=vidoomy&bsw_param=ab5f50e8-b485-4237-93e5-551b3ad984ba HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ab5f50e8-b485-4237-93e5-551b3ad984ba

Request Chain 46

https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-OtITMxxE2uFALBtBlP2QOAEKrABPp010SkMI1.c-~A

Request Chain 75

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f91888bc-6324-415e-83e9-e3794b3bcae6

Request Chain 78

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7257563307851287590

Request Chain 79

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=z3dZ7IINRexjk-ZtljIL7cEbDgo

Request Chain 80

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa

Request Chain 83

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526

Request Chain 84

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo

Request Chain 127

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa

Request Chain 130

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526

Request Chain 131

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo

Request Chain 158

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 164

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=4477619247011178657

Request Chain 167

https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=184932&us_privacy=&C=1 HTTP 302
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Y5KHBhNnIZuyGYZNA53mvwAA%265162

Request Chain 168

https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true HTTP 301
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true

Request Chain 170

https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=HXfjUQmliQ82&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1

Request Chain 171

https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT

Request Chain 173

https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=e3a14443-775b-11ed-ad2d-14f0ef8b0306 HTTP 302
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=e3a143f6-775b-11ed-ad2d-14f0ef8b0306

Request Chain 174

https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D

Request Chain 179

https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent= HTTP 302
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1

Request Chain 182

https://c1.adform.net/serving/cookie/match?party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=

Request Chain 183

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:095d6392-8706-4c00-9f30-f20d4e287ca5&gdpr=0&gdpr_consent=

Request Chain 184

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7271886883554642821

Request Chain 186

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 187

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4477619247011178657&gdpr=0&gdpr_consent=

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TV31dlFzRSijvG-dhXYO5A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 189

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db626392-8706-4600-94a0-29bf7d9a09a9

Request Chain 190

https://pixel.onaudience.com/?partner=214&mapped=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEQ1REY1NzYtNTE3My00NTI4LUEzQkMtNkY5RDg1NzYwRUU0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVQhBpoWkWXG3xCLyjOzLE&google_cver=1

Request Chain 194

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4971614028004017642

Request Chain 205

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gjr7FIw-8heZPqRC0DjvHtA68hSZa_dHgT-HZNyd

Request Chain 206

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174945620495431821&gdpr=0&gdpr_consent=

Request Chain 210

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&addseg=19,36,42

Request Chain 214

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Request Chain 216

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-R_rO6txE2uXPAATeLTEcbMgLRoLJPG0-~A&gdpr=0&gdpr_consent=

217 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
biotrendies.com/
Redirect Chain

http://biotrendies.com/
https://biotrendies.com/

99 KB
19 KB

75ms
50ms

Document
text/html

2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33 PleskLin
Resource Hash: 8744f257a9b562818ba572dd84b9bd87971103e6fca0e32ce5284b9359c9c4d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7769c35abcce9207-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuYXKho48W6YI8SiD3BIUNI6816imtvwq9EAtsCtI6ia2uyz5jA4GHrQ5NNdwN0ThM63hEHhEIAw%2FgubW445oSD6Wlzqe%2BEF33menFeISUsIGeEcHhpelpTmvtm3eL6EBRQsEiXU7Ld4Cp6Xb3g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Cookie,User-Agent
x-cache-status: BYPASS
x-powered-by: PHP/7.4.33 PleskLin

Redirect headers

CF-RAY: 7769c35a5fd1bb83-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 09 Dec 2022 00:53:19 GMT
Expires: Fri, 09 Dec 2022 01:53:19 GMT
Location: https://biotrendies.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2szGbpSrwZWHmNlYQd32vcmpe7PewN1QKZihy3QVwuqjrqQMcLcXpm4j%2FNcpE0gFRzJEDopMbFmJS7HdiVo3Rz8ioOVoIxbpypcOHvVPfzHn3%2FAPNgrEdbcQrAnPjPqIwfGbPGj7JYwgf0meNKI%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK biotrendies_18092.js Show response
ads.vidoomy.com/ 5 KB
5 KB 418ms
133ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/biotrendies_18092.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 188bf1db6765885d693741114cfd53fee22fd0d1a4687f0c86eeb69da69a9dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:19 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4996

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.2/css/ 54 KB
12 KB 41ms
15ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.2/css/all.css
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KFZ662R9TY8C7DNH
age: 27452920
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ab9D9IQRTPi92ResikuBuzEbWcwUJ65/z2UchAuWCQVeBvlLQ7yeumEhjhLRYCGxT7uWPcGv/u0=
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
server: cloudflare
etag: W/"77cbad34e5ce95e70847b074e05faeab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rbmUXEGZweHtVsI%2BLSW3ly7wD72dNBoqtLMmHry8cGBOCX2M8qy6KVYoy32Vlq8wRC62xo3y3bqBC82v%2B4iAjS5%2FQb7r2lwH0nkR8vFBVBSXA%2BZdePUCn5VlOO8IIt6JvJyHA9e8Y%2BCeryAJHEKWTUD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7769c35b6b529bb8-FRA

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 42ms
18ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617, 617
age: 27443466
cdn-cachedat: 2021-06-08 14:35:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a25b3b26237dd55b5f417f26a9965dbb
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7769c35b6e469244-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.0/ 86 KB
31 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 06:18:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30768
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 06:18:00 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 43ms
20ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 14763576
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 48135f30fbfcba704628453df5764d8f
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7769c35b6e499244-FRA
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
964 B 40ms
18ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2 200 autoptimize_d25c0e315e2341764caaf4e08286584c.css
biotrendies.com/wp-content/cache/autoptimize/1/css/ 834 KB
121 KB 39ms
35ms Stylesheet
text/css 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-content/cache/autoptimize/1/css/autoptimize_d25c0e315e2341764caaf4e08286584c.css
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0f4d95b831d80e630a67f65cae1c1c8a86c1de75ff411f75665ff4d3af18a5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16433
cf-polished: origSize=854749
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 09:28:25 GMT
server: cloudflare
etag: W/"637b44b9-d0add"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B7E%2Ft9GGccphdBoEQGq%2FscwBVeYNUCWN5qLI49SyfZsPNky1hIaVcImipNGwdaijCtTXvYjWQGlkPyE%2BFiaCfQ%2FaJIPL4YOnOF85ZYFjG9k7OPyHioDbMTo4Yq4SY81wwq%2B%2F2UdmmF9SWhwcNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7769c35b4d4c9207-FRA
expires: Tue, 28 Nov 2023 11:23:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CArchivo+Narrow%3A400%2C700%2C400italic%2C700italic%7CLato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic&ver=1561979075

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fef4dc6db1497b5e4a381488aa730b6ce27d0d8a7fe9c3ca81ab836e00bca4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:53:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H3 200 jquery.min.js Show response
biotrendies.com/wp-includes/js/jquery/ 87 KB
32 KB 37ms
35ms Script
application/javascript 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 356903
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 09:47:29 GMT
server: cloudflare
etag: W/"6267bfb1-15db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTpkj9kLcRF159EEQrBfT5aDwceWjOoq%2B7XCuqxfWdz%2Fnop51nRQutBy1FK4tEIcK2ZZreRnlUua7wU5WEVhiiI2ZIOS5Vs3EgwdKLk%2FWldoSmc9%2BoNjK3j8I1VYkUJHUHS7uHXKicTFbVKB570%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7769c35d4d94bb49-FRA
expires: Tue, 28 Nov 2023 11:23:04 GMT

GET
H3 200 fcc8474e79.js Show response
use.fontawesome.com/ 9 KB
4 KB 24ms
13ms Script
text/javascript 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/fcc8474e79.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aefbe7291db76250bf01a51c93912b9967305cbc43f7b612c8779c72b42ec27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BKCQ2BH0GCRZA7HK
age: 2717
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DigXR0P+niYeWXk8S7MV9u+m+7jwTl0dv5D0COXHNk7/ZMXcaj1hEHUDHP7jUYhHNAJ/ITZFL+E=
last-modified: Thu, 01 Jul 2021 20:41:32 GMT
server: cloudflare
etag: W/"2c7ce6d114c2a672627119176dd60222"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTW4Gppu%2FyHjpzyt7lRnKz%2B%2Bx3Zefs%2Bdiv9%2FbpgEbSTaKlDiiSf2FsF5B8YfqBpf21hjdMSjas5HdOWPJO0nBnHB9VGqZbrb%2BDuNGTa%2BEzOqCwQuP0UVFP7gr4VpvzDCHlTL5RU59F8O%2FF5IIX%2B45SWi"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 7769c35d5cb49c12-FRA

GET
H2 200 4lRwgJze Show response
perspective.cdsignner.com/IT4wP1QMjQ0q9yfUkc0HsDqduPcjChLT8DaMk/Qdp/w9NODZHz9zKB8/ 0
145 B 3499ms
3407ms Script
application/javascript 91.208.197.151
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://perspective.cdsignner.com/IT4wP1QMjQ0q9yfUkc0HsDqduPcjChLT8DaMk/Qdp/w9NODZHz9zKB8/4lRwgJze
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.208.197.151 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS: app.liqquile.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:22 GMT
cache-control: max-age=86400
server: nginx
content-length: 0
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript

GET fwol8r.js
cdn.yieldpass.com/ 0
0

GET
H3 200 biotrendies-sinborde.png
biotrendies.com/wp-content/uploads/2015/06/ 2 KB
2 KB 32ms
29ms Image
image/png 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2015/06/biotrendies-sinborde.png
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f5e8aeb126ca69e3103e4e08d045a830eeb568dc8056f088f4c6da39efcca93e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16432
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1642
last-modified: Thu, 01 Mar 2018 15:46:22 GMT
server: cloudflare
etag: "5a98204e-66a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BVP5DvFi1tGGCeLDxXSWSWzzBKiod7Za9ArXHgeJFVRukLHI5xpjxzLgs3BQ9PVNCGzJM34VF7E9IPIbxZr3lTwiVo0i4ovnu1toRbwfXCjT2yohtX3J95qoLrzB6di%2Fot9gWsSozQzzmWd380%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c35d4d97bb49-FRA
expires: Tue, 28 Nov 2023 11:23:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 71ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9671774946167201

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28fa8851b95b138e8ed9b148a88f65978e8fbb06e75c60a66aea6ccfb1ab4845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biotrendies.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49699
x-xss-protection: 0
server: cafe
etag: 5499483602531299448
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 222ms
22ms Script
application/javascript 2a02:26f0:6c00:297::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:297::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=159
accept-ranges: bytes
content-length: 203

GET
H3 200 autoptimize_ccc06a8899c28b2f6ca8a650dd3a9102.js Show response
biotrendies.com/wp-content/cache/autoptimize/1/js/ 493 KB
144 KB 47ms
44ms Script
application/javascript 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-content/cache/autoptimize/1/js/autoptimize_ccc06a8899c28b2f6ca8a650dd3a9102.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 306b35a65223c5c0d9d2fabf4ef4366697c4a1443ebecee87f1014bad92493a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158330
cf-polished: origSize=505317
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 09:28:25 GMT
server: cloudflare
etag: W/"637b44b9-7b5e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86YJrguA5JyooYq7VFVdA2YkrJvy18dApn%2BRihtfVcD2A7M4R8K%2BCUOc8CX%2FFiiay67OjBflHj3iV7joi6dFNvQuYuu4T1Yz9JMZC7WyQtap%2FeHF98mr6U%2B%2FuAghEwCQ8vrqVcCEfIYchIBUb%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7769c35d4d98bb49-FRA
expires: Wed, 29 Nov 2023 10:54:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
68 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53PVW3

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

237e70a24d2e720908479a80733c287c0fce31059e45a52bab0054be57922286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69093
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H3 200 autoptimize_541e2ced151704f4ff1844c6de47ec02.css
biotrendies.com/wp-content/cache/autoptimize/1/css/ 7 KB
2 KB 32ms
30ms Stylesheet
text/css 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-content/cache/autoptimize/1/css/autoptimize_541e2ced151704f4ff1844c6de47ec02.css
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16432
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 21 Nov 2022 09:28:23 GMT
server: cloudflare
etag: W/"637b44b7-1b6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PS7lipEPKUQWRjrdkI90NUZAwbJP7wDk8Az4ShoQ0qm5bdM6DdfnSHOHn6nS7heIL9LkjA4E%2BiLMougx7M%2BBpxgWjTEqQAtTh5aWrBg1mzc2NoXacC9I0MtkOG7TBHS34osnv7Z6HWKPAFuH84%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7769c35d4d9ebb49-FRA
expires: Tue, 28 Nov 2023 11:23:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
biotrendies.com/wp-includes/js/ 18 KB
5 KB 16ms
13ms Script
application/javascript 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52603
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Apr 2022 09:47:28 GMT
server: cloudflare
etag: W/"6267bfb0-4705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOBFx6tpeV4lAlHuN62DtFNHJxZEW8oDYl846U1DgeQ0xagFn2psRZrUGNqB%2B7Pnuuwd6m%2BSCMZQLQ65sCnGeSDxLP1qI%2BBPsWaMPx665TS7EOtdILkN8GOiEnpfjlGGIJn8wXN1QI68H4pMV8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7769c35d4d9abb49-FRA
expires: Tue, 28 Nov 2023 11:23:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 23:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5319
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 09 Dec 2022 01:24:40 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14832c341e4f4678bb6e59d73dce5dabff413bf8ee5375884913d0f8952197e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27686
x-xss-protection: 0
server: sffe
etag: "1416 / 680 of 1000 / last-modified: 1670540977"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2 200 hotjar-793692.js Show response
static.hotjar.com/c/ 7 KB
3 KB 58ms
39ms Script
application/javascript 13.32.27.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-793692.js?sv=6

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-16.fra56.r.cloudfront.net

Software

Resource Hash

f6bf316f2ed512cc95640b6f97edc6f55f791a2481b6b1d28116d279a1198d8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/788c0a630e063f6703fb728e230a301d
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: aRHoDBVlQJNXYRJ1hqupoAsfdxewqxifXLL1xw5TIgp6QGJ7oFiFsw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 00:53:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: DGVe74BQUCeyt0odqjimYS1tDHDsmUTIP1JJElp7qshUL5cy5TSS5mZ5W3Gf8UXN3NIz5s55fvnpwXkS9bdCew==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CArchivo+Narrow%3A400%2C700%2C400italic%2C700italic%7CLato%3A100%2C300%2C400%2C700%2C900%2C100italic%2C300italic%2C400italic%2C700italic%2C900italic&ver=1561979075

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:13:14 GMT
x-content-type-options: nosniff
age: 272405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 21:13:14 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 200765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 17:07:14 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a4ce60b746511909ac0a0ed43f4b5068ced6adecbb79a6a51dd80468afab103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 00:53:19 GMT
content-md5: 1VWKDfovmqXt68OV9ZIRDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: Q5GaYGJt8flsL3rtXekhRMVNKWBCpRGeyWCXYUEiN6/ZfKszptMLg+rI4xRuWsUTHX3d//BsSupuZzHydu3Q/w==
x-fb-trip-id: 917726464
x-fb-content-md5: 7d29e1fa1a2dba6f3efda338f5c7baa5
cross-origin-opener-policy: same-origin-allow-popups
etag: "bb2cfbdaed77cd88afb985268dee4a5b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 01:06:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 24ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 200765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 17:07:14 GMT

GET
H2 200 tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
fonts.gstatic.com/s/archivonarrow/v28/ 17 KB
17 KB 27ms
19ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivonarrow/v28/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75a06255783cd39b9a9f24cd51d3a9c0ee78b535636b8dfca075a8e519416937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 21:14:04 GMT
x-content-type-options: nosniff
age: 99555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 18:00:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 21:14:04 GMT

GET
H3 200 fontawesome-webfont.woff
biotrendies.com/wp-content/plugins/wp-menu-cart-pro/assets/fonts/ 64 KB
64 KB 45ms
45ms Font
font/woff 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-content/plugins/wp-menu-cart-pro/assets/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/wp-content/cache/autoptimize/1/css/autoptimize_d25c0e315e2341764caaf4e08286584c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://biotrendies.com/wp-content/cache/autoptimize/1/css/autoptimize_d25c0e315e2341764caaf4e08286584c.css
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158330
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65452
last-modified: Mon, 26 Feb 2018 14:37:35 GMT
server: cloudflare
etag: "5a941baf-ffac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9k36SbH7zzchoyVoV1%2BCqRNVC%2FFHpFxfn5%2BYOm0e5OkOT9Q8DX0fJgKlWt25t0H1snRktNuYs4DWhvfAfTCpGScklV69ATuDbWnM3EzVPXYUS7gmDR10uOwK6ozeH%2BdPDaVMyONdTEMxdqHb8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c35d5dc1bb49-FRA
expires: Tue, 28 Nov 2023 11:23:05 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
86 KB 23ms
12ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=84d59f82f1d5865076f0903c45504dc8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1c924248b681f4284ac0d51271a4c1a7bb654bffc4d9370e12cca346f5e34e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://biotrendies.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 00:53:19 GMT
content-md5: Ssi2gItKm2n+18tzUbbqUw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88438
x-fb-rlafr: 0
x-fb-debug: NOcdvtkSnI0JXnyww8Kk+4ueW5ekIk/LMab4D0U7mHJheDaIGnQXoyIF8iUMJbFrsQo3YH4vdO+pwxQUblm5Hw==
x-fb-content-md5: b5ce0add1072deae8da53224e74c06bc
cross-origin-opener-policy: same-origin-allow-popups
etag: "c4b54183ddd6b2ab4e5d7d197d2327f8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Dec 2023 23:44:04 GMT

GET
H3 200 179613882866531 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 66ms
53ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/179613882866531?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77a93e68028efa253cbbf69be8ec98c22ff4a06e3e26e326da02fba99385e363

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 00:53:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: MaTunOM/equk1dXaXimb7BWA7UEuwljHdKQnSS/vpxlsWnQPPIA9zHGVF1J7ke7HzGvs4n7KfhS7INaFY/WUXQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fontawesome-webfont.woff2
biotrendies.com/wp-content/themes/kami/css/fonts/awesome-fonts/fonts/ 75 KB
76 KB 32ms
32ms Font
font/woff2 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biotrendies.com/wp-content/themes/kami/css/fonts/awesome-fonts/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/wp-content/cache/autoptimize/1/css/autoptimize_d25c0e315e2341764caaf4e08286584c.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://biotrendies.com/wp-content/cache/autoptimize/1/css/autoptimize_d25c0e315e2341764caaf4e08286584c.css
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52602
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 15 Oct 2018 14:43:46 GMT
server: cloudflare
etag: "5bc4a7a2-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nmFQtvNu88WGt4q15i2hGOmg0QKqmjhYO1ipKHNiwwlobbkQWZ2Kcz68%2Fp8kOV5ItU9pucJhqNNaSgLmY8p7fwnkTDlzzUcRap7eQAXehuS4LSsqahq7iUtOjx%2FxncHvys1IMz%2FVYzeyLQfpSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c35dbe29bb49-FRA
expires: Tue, 28 Nov 2023 11:23:05 GMT

GET
H3 200 fcc8474e79.css
use.fontawesome.com/ 1 KB
958 B 12ms
11ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/fcc8474e79.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/fcc8474e79.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d927c75720da4571d2cbfec07c8715eea21c254aed3c26bd6504c125176d9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PTFDMDX1RAEN0W80
age: 2516
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: AzHKauN0fxk+JJwlfU6N2YvwWS/RBXWUAvJQAUSmRvgaNhY1HMTBrajb702eWjxx4Zs/H09+TAA=
last-modified: Thu, 01 Jul 2021 20:41:32 GMT
server: cloudflare
etag: W/"4589cfbfee9c925933ffa9e532a94846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drHY22JrmLJg0tyVGkJtxWuiA4R60uv4YWp6LHwjKyJK2vhioA2w%2F%2ByHSsVLIzC9ZEaklBdPPfxEHsEJa4HjEuT%2FpORoRcXi7%2F2Uv2ZIFyN1sF5ya6ssZYWE8MyKeAryU5vSion5JpmTdMrNR7nXV4Ao"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 7769c35dbd1f9c12-FRA

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
8ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 01:45:45 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:40:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 09 Dec 2022 01:40:14 GMT

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/ 28 KB
7 KB 13ms
13ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/fcc8474e79.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.fontawesome.com/fcc8474e79.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5CJKWH0T63YM2WBS
age: 2103955
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3X1Q1x6ynQw3SjHjeKJzwBMc3GF6QCYiF9NTBJvYJ3Q5LjASUUVI7RpQscKs9pFlVJ8a5+OdjOw=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRRoTeF1GzFn%2BptmbopGT3NtLQn0KUIH96HxbkWcRjuKgldJSexiloGxWAySdjzuSxl30L06E%2BiRK0BHbWBq4xF2RwhfszOXJcvaMn9sZQfXhvzPGU%2BBAJCFuopYtIJJOHmj5UdTiI0ExnOMQB5ACam8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7769c35ded569c12-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
162 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biotrendies.com/
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 20:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 20:20:34 GMT

GET
H2 200 modules.bc0a4c72d88d266f15af.js Show response
script.hotjar.com/ 263 KB
68 KB 42ms
7ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-793692.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 14:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 123493
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68590
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rzaHw1wPLt6P1xyjALNq--ZQ4-z9K_CISWTM1kzA7EEICJL8yMHGcw==

GET
H2 200 pubads_impl_2022120601.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 87ms
7ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 11:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133670
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132161
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 09:39:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Dec 2023 11:45:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 183 B
737 B 96ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=biotrendies.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f87afa0cbe8634c0e7e88bb0bd7bc08b21174b8c1e74c4aa474e4517ad18e860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame B2D9 118 KB
35 KB 93ms
21ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1670547199.cds298.lo4.hn,1670547199.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/ 70 KB
71 KB 29ms
20ms Font
application/octet-stream 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/fcc8474e79.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://use.fontawesome.com/fcc8474e79.css
Origin: https://biotrendies.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8G4XWNAVSWM3AXQS
age: 389343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
x-amz-id-2: RimQHwPXsctK/QzQgnsLe95L2nloVsXv20F6Th5vZO7tueQWXJPxmwIAcV6N+aDWCrAbrSf5Tog=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3Iiv4vkVy45Hz6Hf58bHhWBPyPlbmPi%2BEwJTzXip0%2Bhy%2BlGoJmMksBPFzT7PDS9P7fcvVoOJ8gVSosvKuC48a0I1HaE1ZqlWjZJhPofQzeG1h9OeRRZ9WPdvqRZkBnM6o1iDB%2BfQnNyl9fA0uEYTwia"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7769c35e5867901f-FRA

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 0190 118 KB
35 KB 102ms
42ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1670547199.cds298.lo4.hn,1670547199.cds030.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
539 B 128ms
21ms Image
image/gif 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:19 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1670547199803016-524
Expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=241850124.233082831152416092.81926015
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=241850124.233082831152416092.81926015
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=ab5f50e8-b485-4237-93e5-551b3ad984ba&google_hm=YWI1ZjUwZTgtYjQ4NS00MjM3LTkzZTUtNTUxYjNhZDk4NGJh
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=ab5f50e8-b485-4237-93e5-551b3ad984ba&google_hm=YWI1ZjUwZTgtYjQ4NS00MjM3LTkzZTUtNTUxYjNhZDk4NG...
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJO98JY6-9GtGy-Azup5iSw&google_cver=1&ssp=vidoomy&bsw_param=ab5f50e8-b485-4237-93e5-551b3ad984ba
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ab5f50e8-b485-4237-93e5-551b3ad984ba

43 B
356 B

7ms
7ms

Image
image/gif

3.66.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ab5f50e8-b485-4237-93e5-551b3ad984ba
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Server: 3.66.71.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ab5f50e8-b485-4237-93e5-551b3ad984ba
date: Fri, 09 Dec 2022 00:53:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58610/occ
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-OtITMxxE2uFALBtBlP2QOAEKrABPp010SkMI1.c-~A

43 B
357 B

35ms
7ms

Image
image/gif

3.66.71.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-OtITMxxE2uFALBtBlP2QOAEKrABPp010SkMI1.c-~A
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Server: 3.66.71.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-71-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-OtITMxxE2uFALBtBlP2QOAEKrABPp010SkMI1.c-~A
date: Fri, 09 Dec 2022 00:53:19 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 64ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9671774946167201&plah=biotrendies.com&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9671774946167201

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1185fb47222238223724a8b2611d6ee5f14f094eb6ecb63ba4396936a5f1182a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120014
x-xss-protection: 0
server: cafe
etag: 396029167703340730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221130/r20190131/ Frame D8C8 10 KB
5 KB 35ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221130/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9671774946167201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:45:12 GMT
etag: 10353107486223812946
expires: Thu, 22 Dec 2022 09:45:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 72ms
7ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53PVW3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: gzip
etag: "KvGSi9leJgKNKEGESzHjYw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 16 Dec 2022 00:53:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 47ms
30ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q4ZH35M7DF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53PVW3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2189c0726ee0c6fab7890ea16c51def1e7c2f04ade183cd28db949a66e113331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 00:53:19 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame FD85 2 KB
1 KB 44ms
7ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-793692.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1338193
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-id: sHkTy_zUFZMcdHhPCOY0Tr_g6KyGjQP7VijAiSnzN5cB1wlDZztazA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=179613882866531&ev=PageView&dl=https%3A%2F%2Fbiotrendies.com%2F&rl=&if=false&ts=1670547199823&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670547199822.416249570&it=1670547199615&coo=false&rqm=GET

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Dec 2022 00:53:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 / Show response
biotrendies.com/ 249 B
820 B 400ms
400ms XHR
application/json 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biotrendies.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33, PleskLin

Resource Hash

4fd4df834a59275be0e4dd26c23ee1e21d39d1a5caa18885f7aaaee3b83d2584

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://biotrendies.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33, PleskLin
x-pingback: https://biotrendies.com/xmlrpc.php
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding,Cookie,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apiQvwX1UUCcTH5PjCCWgbtXRnp3mNLWrrk2tE1jJ%2BjMdp5wFCsM%2FHSnZEcBuNGgt73uYPYyp9haF0nAUpSMADGVXrCEnJ67POKde2Pszz%2BG2fw1BSBpfxp5lcHYzJRszns8c4xya11aj8wF9fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://biotrendies.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7769c35fc953bb49-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H3 200 / Show response
biotrendies.com/ 249 B
826 B 450ms
449ms XHR
application/json 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://biotrendies.com/?wc-ajax=get_refreshed_fragments

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/wp-includes/js/jquery/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33, PleskLin

Resource Hash

4fd4df834a59275be0e4dd26c23ee1e21d39d1a5caa18885f7aaaee3b83d2584

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://biotrendies.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.33, PleskLin
x-pingback: https://biotrendies.com/xmlrpc.php
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding, Accept-Encoding,Cookie,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiVe3IGmtZ%2Bkbs43lLwW%2FtZldWqz6njpNYrimB1yYELdUKkv7TmN9YOTEdLDbAbpM1kJGj0AG%2F1vI8kbTVDkTw2XJ%2BTtyjTcW6FJA0US1TkZ9KPtDGgdE8E3UXGzNssQXBT7TZ49OmXY2YnVK50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://biotrendies.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 7769c35fd95bbb49-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4695616-79&cid=856531091.1670547200&jid=389862701&gjid=1765139849&_gid=231197395.1670547200&_u=aGBAgUIpAAAAAEAMI~&z=119551730

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://biotrendies.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 09 Dec 2022 00:53:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://biotrendies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234557798&t=pageview&_s=1&dl=https%3A%2F%2Fbiotrendies.com%2F&ul=en-us&de=UTF-8&dt=Biotrendies%20%7C%20Alimentaci%C3%B3n%20saludable%20y%20consejos%20de%20nutrici%C3%B3n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUIpAAAAAAAMI~&jid=389862701&gjid=1765139849&cid=856531091.1670547200&tid=UA-4695616-79&_gid=231197395.1670547200&z=1245355452

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18631
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=234557798&t=event&ni=1&_s=2&dl=https%3A%2F%2Fbiotrendies.com%2F&ul=en-us&de=UTF-8&dt=Biotrendies%20%7C%20Alimentaci%C3%B3n%20saludable%20y%20consejos%20de%20nutrici%C3%B3n&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Homepage&ea=viewed%20homepage&_u=aGBAgUIpAAAAAEAMI~&jid=&gjid=&cid=856531091.1670547200&tid=UA-4695616-79&_gid=231197395.1670547200&z=466608258

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 19:42:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18631
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 21ms
21ms Script
application/javascript 2a02:26f0:6c00:297::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.8807796098634235
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:297::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=161
accept-ranges: bytes
content-length: 18679

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 46ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=biotrendies.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 45ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=biotrendies.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
591 B 2757ms
2742ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=960757076349717&correlator=1687085563866397&eid=31070945%2C31071149%2C31071256&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fif&iu_parts=13837015%2CBIO_desktop_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=4050515292&sfv=1-0-40&cust_params=area%3Dportada&sc=1&cookie_enabled=1&abxe=1&dt=1670547200021&lmt=1670547200&dlt=1670547199216&idt=767&adxs=200&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiotrendies.com%2F&frm=20&vis=1&psz=1200x3231&msz=1200x0&fws=4&ohw=1200&ga_vid=856531091.1670547200&ga_sid=1670547200&ga_hid=234557798&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de71b7a2bb712dfe4b14ef2af0c85873821e4757eaff97c8a77451980bbabf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 561
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://biotrendies.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
587 B 55ms
41ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=960757076349717&correlator=1687085563866397&eid=31070945%2C31071149%2C31071256&output=ldjh&gdfp_req=1&vrg=2022120601&ptt=17&impl=fif&iu_parts=13837015%2CBIO_desktop_head&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C980x90&ifi=3&adks=610841853&sfv=1-0-40&cust_params=area%3Dportada&sc=1&cookie_enabled=1&abxe=1&dt=1670547200027&lmt=1670547200&dlt=1670547199216&idt=767&adxs=200&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbiotrendies.com%2F&frm=20&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1200&ga_vid=856531091.1670547200&ga_sid=1670547200&ga_hid=234557798&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef4a4fd14b8b5a3bff66a3ca1d54f941b1be445079f64a2c9238fa87c44e5f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://biotrendies.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6DDD 6 KB
3 KB 86ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 00:53:20 GMT
expires: Sat, 09 Dec 2023 00:53:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame A2A1 4 KB
2 KB 32ms
32ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Fri, 09 Dec 2022 00:53:20 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1670547200.cds298.lo4.hn,1670547200.cds074.lo4.c

GET ad
v.lkqd.net/ Frame B2D9 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
699 B 39ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=biotrendies.com&callback=_gfp_s_&client=ca-pub-9671774946167201&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9671774946167201&plah=biotrendies.com&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c7f1fcfe1a04aeb09097c95bebdc0e577157a41897f1ff46289155b932ba123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 77DD 603 B
68 B 43ms
28ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9671774946167201&output=html&adk=1812271804&adf=3025194257&lmt=1670547200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fbiotrendies.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670547199749&bpp=4&bdt=532&idt=324&shv=r20221130&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7000165271034&frm=20&pv=2&ga_vid=856531091.1670547200&ga_sid=1670547200&ga_hid=234557798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760911%2C31071220%2C44779793&oid=2&pvsid=960757076349717&tmod=793297497&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 00:53:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame DC6F 4 KB
2 KB 23ms
23ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Fri, 09 Dec 2022 00:53:20 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1670547200.cds298.lo4.hn,1670547200.cds074.lo4.c

GET ad
v.lkqd.net/ Frame 0190 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q4ZH35M7DF&gtm=2oebu0&_p=234557798&cid=856531091.1670547200&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670547200&sct=1&seg=0&dl=https%3A%2F%2Fbiotrendies.com%2F&dt=Biotrendies%20%7C%20Alimentaci%C3%B3n%20saludable%20y%20consejos%20de%20nutrici%C3%B3n&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q4ZH35M7DF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://biotrendies.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-vY3yVtCqAnfjt.js Show response
rules.quantcount.com/ 1 KB
1 KB 1340ms
954ms Script
application/javascript 2600:9000:238c:1a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-vY3yVtCqAnfjt.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238c:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54e383dfafc67c2952bdbf7268cfedf14ea1bdf6a7ce55305df763277bcbff2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:22 GMT
content-encoding: gzip
via: 1.1 c1a50678c80d9d0a7ec4bc908d3a82e4.cloudfront.net (CloudFront)
x-amz-cf-pop: BOM78-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:27:24 GMT
server: AmazonS3
etag: W/"5c3b046c8d17cf8a9a691d169a63f45d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: OHRRlxegIMYfzA_kMDvcEGjrgVGS-TkkJqQC8X9OyvsbTknVdx53MQ==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 36ms
18ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4695616-79&cid=856531091.1670547200&jid=389862701&_u=aGBAgUIpAAAAAEAMI~&z=122380755

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 39ms
17ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4695616-79&cid=856531091.1670547200&jid=389862701&_u=aGBAgUIpAAAAAEAMI~&z=122380755

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/793692/ 147 B
322 B 123ms
33ms XHR
application/json 99.81.68.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/793692/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bc0a4c72d88d266f15af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.68.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-68-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca

Request headers

Referer: https://biotrendies.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2

200

cs
cs.lkqd.net/ Frame A2A1
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f91888bc-6324-415e-83e9-e3794b3bcae6

43 B
308 B

216ms
94ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f91888bc-6324-415e-83e9-e3794b3bcae6
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f91888bc-6324-415e-83e9-e3794b3bcae6
date: Fri, 09 Dec 2022 00:53:20 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame A2A1 43 B
308 B 297ms
92ms Image
image/gif 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame A2A1 43 B
309 B 295ms
91ms Image
image/gif 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame A2A1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7257563307851287590

43 B
308 B

196ms
95ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7257563307851287590
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7257563307851287590
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame A2A1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=z3dZ7IINRexjk-ZtljIL7cEbDgo

43 B
308 B

92ms
91ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=z3dZ7IINRexjk-ZtljIL7cEbDgo
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=z3dZ7IINRexjk-ZtljIL7cEbDgo
Date: Fri, 09 Dec 2022 00:53:20 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame DC6F
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa

43 B
308 B

217ms
96ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa
date: Fri, 09 Dec 2022 00:53:20 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame DC6F 43 B
308 B 300ms
98ms Image
image/gif 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame DC6F 43 B
308 B 295ms
93ms Image
image/gif 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame DC6F
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526

43 B
308 B

197ms
97ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame DC6F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo

43 B
308 B

93ms
93ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:20 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo
Date: Fri, 09 Dec 2022 00:53:20 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 08A2 0
18 B 28ms
16ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://biotrendies.com
Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://biotrendies.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 00:53:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 /
log.pinterest.com/ 0
338 B 61ms
38ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=Do9Y70iHbLej&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fbiotrendies.com%2F&viaSrc=canonical
Requested by: Host: biotrendies.com
URL: https://biotrendies.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 09 Dec 2022 00:53:21 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 5931269742041712
content-length: 0
x-served-by: cache-hhn-etou8220095-HHN
pragma: no-cache
server: envoy
x-timer: S1670547201.224680,VS0,VE31
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel;r=1550359604;labels=title.Biotrendies%20%7C%20Alimentaci%C3%B3n%20saludable%20y%20consejos%20de%20nutrici%C3%B3n%2Ctitle.BioTrendies;source=gtm;rf=0;a=p-vY3yVtCqAnfjt;url=https%3A%2F%2Fbiotre...
pixel.quantserve.com/ 35 B
371 B 40ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1550359604;labels=title.Biotrendies%20%7C%20Alimentaci%C3%B3n%20saludable%20y%20consejos%20de%20nutrici%C3%B3n%2Ctitle.BioTrendies;source=gtm;rf=0;a=p-vY3yVtCqAnfjt;url=https%3A%2F%2Fbiotrendies.com%2F;uht=2;fpan=1;fpa=P0-1422413116-1670547200130;pbc=;ns=0;ce=1;qjs=1;qv=b2bd41b7-20221206125257;cm=;gdpr=0;ref=;d=biotrendies.com;dst=0;et=1670547201481;tzo=0;ogl=locale.es_ES%2Ctitle.Biotrendies%20%7C%20Alimentaci%C3%B3n%20saludable%20y%20consejos%20de%20nutrici%C3%B3n%2Cdescription.P%C3%A1sate%20a%20la%20vida%20saludable%20con%20Biotrendies%252E%20Consejos%20de%20alimentaci%C3%B3n%252C%20informaci%C3%B3%2Curl.https%3A%2F%2Fbiotrendies%252Ecom%2F%2Csite_name.BioTrendies%2Cimage.https%3A%2F%2Fbiotrendies%252Ecom%2Fwp-content%2Fuploads%2F2015%2F06%2Fbiotrendies-sin%252Epng%2Cimage%3Awidth.106%2Cimage%3Aheight.99%2Cimage%3Atype.image%2Fpng%2Ctitle.BioTrendies%2Ctype.article%2Curl.https%3A%2F%2Fbiotrendies%252Ecom%2F%2Cimage.https%3A%2F%2Fbiotrendies%252Ecom%2Fwp-content%2Fuploads%2F2015%2F06%2Fbiotrendies-sin%252Epng%2Cimage.;ses=c5cd50be-a60b-4647-85d2-6766db043df6

Requested by

Host: biotrendies.com
URL: https://biotrendies.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 beber-te-rojo-beneficioso-684x452.jpg
biotrendies.com/wp-content/uploads/2017/01/ 75 KB
76 KB 25ms
24ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2017/01/beber-te-rojo-beneficioso-684x452.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 974114ddacc3159ceec2fa3b2068fd417f0c98e1ccff853769ad5be26810e7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77085
last-modified: Thu, 01 Mar 2018 15:09:31 GMT
server: cloudflare
etag: "5a9817ab-12d1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwHvN3qlpXrh5VHWoX8tj4IWwgCUkkw4QcPurDhkaqE2XSKsc%2F3Ujnv0Qt2i2l2GOiSmpR9slX2n7rZ1GGdvOPHnLFQC%2BXi9phzhteXGUCWGTAo7HdOeMQ4Q6y%2F%2FpJeMalSm%2FTo8QNrxty3mjEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3736c05bb49-FRA
expires: Tue, 28 Nov 2023 11:23:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 40ms
23ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15958574113c38a99e576b2ba29f8babbed7d5ed02103ea9153b4097f6b68079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11238
x-xss-protection: 0

GET
H3 200 snacks-que-no-debes-comer-si-deseas-bajar-de-peso-456x226.jpg
biotrendies.com/wp-content/uploads/2016/11/ 14 KB
15 KB 33ms
32ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2016/11/snacks-que-no-debes-comer-si-deseas-bajar-de-peso-456x226.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3cbb3836ce829993a71a6d014fd5146944ebb206134c18793df0830af12b868a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14363
last-modified: Thu, 01 Mar 2018 15:13:29 GMT
server: cloudflare
etag: "5a981899-381b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57c1kyAZQCRxNYgDB1UzuU8Ns%2B1PknHhaYzDaVKNzobnbD8BNjuloLjvKc57t30zRMFP12CdMj3PhRjYniKL0DNRKt4IWBYgMxIaO7UbvgW3fDOiD7WXNiTuj%2FUiGJ4bTkEkVZOhKIxknNe3qZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3736c16bb49-FRA
expires: Tue, 28 Nov 2023 11:23:08 GMT

GET
H3 200 ensalada-para-bajar-de-peso-485x300.jpg
biotrendies.com/wp-content/uploads/2019/01/ 42 KB
42 KB 42ms
36ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2019/01/ensalada-para-bajar-de-peso-485x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8f59a8790814ecde699f1495139c8559bb0526294f348e1a1381e89c044cec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42822
last-modified: Thu, 31 Jan 2019 11:35:11 GMT
server: cloudflare
etag: "5c52dd6f-a746"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuWJCdtvBtIBAKICQuLxhrA1yDZ9Q9qVeWjY3vCvXYQi%2F0UQHkisuFgecH2oLR4nesthWvqnhSwAAzjRQM%2FH4EFSySmshdoWIuGtlFMFqqI21HVu5SYLC0AZYtiOKnWpdtFoNEADH3STc4BKMro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c24bb49-FRA
expires: Tue, 28 Nov 2023 11:23:08 GMT

GET
H3 200 elaborar-plan-de-nutricion-230x140.jpg
biotrendies.com/wp-content/uploads/2019/01/ 7 KB
8 KB 42ms
37ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2019/01/elaborar-plan-de-nutricion-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0a56bbd45d5e25aa5fc4b77e4535878c45ec7665b7ba4ecc056a22edd7df9ccb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7425
last-modified: Fri, 25 Jan 2019 10:40:40 GMT
server: cloudflare
etag: "5c4ae7a8-1d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvDsqImdK%2F0LNp37%2FHAwyX7y5YHSVz1aB97j%2FKqZKQMWmRuemjhiBhat1tECXTQOohkteNQKH1HAA4%2BHMoCcBTQgn1yyhchYsJzGq5zNQm0b3%2FdL8rBmBzqT7Mfus7XXUVTGzDCAckWpfQNX%2F4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c27bb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 Te-verde-230x140.jpg
biotrendies.com/wp-content/uploads/2016/05/ 9 KB
10 KB 44ms
39ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2016/05/Te-verde-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 54ac8c780aad1682b5f063f87439ea2c0810fabbdd0b90de246f8ac121ab661b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9628
last-modified: Thu, 01 Mar 2018 15:25:17 GMT
server: cloudflare
etag: "5a981b5d-259c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnfjSEln1Q9Tyb7oMwT2de0hegcPZIOTVv1Xszm8Mv3SPFjXDpkoY2goI5QRHoCz8yXBqFN%2BZA5G9cl61kUflRhltiuPRehA%2FGvG6AOT0lNauwfPs9wvJUWnfPOXzcSNQT%2FVmiPdNbdK1V6pSxA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c2cbb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 salmon-con-costra-de-nueces-230x140.jpg
biotrendies.com/wp-content/uploads/2018/02/ 10 KB
11 KB 37ms
32ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/02/salmon-con-costra-de-nueces-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 79e6006e71c59f2fae37df71d1daf955d6b07691678ba914e69c39618e89dff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10589
last-modified: Thu, 01 Mar 2018 15:00:00 GMT
server: cloudflare
etag: "5a981570-295d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R37Bav0YzcrXjuuUEBijXL0%2Bqjej8ncNUF9tMOaIRnsoHWaFf3noAGz3jqLEE%2BwBY6ggA8Kl8dApVbub5ouzZ%2B69wDOKX3uWQAQqWP5uJMAAfH9LVU7%2Bv6wFs2P7gWgrnbAFf3%2FVwlsolWL%2B4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c2ebb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 tupper-detox-230x140.jpg
biotrendies.com/wp-content/uploads/2019/01/ 10 KB
11 KB 62ms
57ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2019/01/tupper-detox-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 98fdce10a4c46e5b54d154a1b6ab14d085a43bc7270d900e0cf18cab9c679335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10578
last-modified: Thu, 03 Jan 2019 09:08:33 GMT
server: cloudflare
etag: "5c2dd111-2952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8LOt1JOqCXpjG%2FMgSMBFRMjeuVrQj23cBpi1SK9m23yGNPjULzwnCuCIQ9VDFbe%2Bb5amr71W34wzBVfV8OU31n%2BQL7BodslaQ1W3jkBT2VjkH4JnWHRJbeBWNckn0Cbg1u9IqiUho3aYsqeNkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c31bb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 semillas-de-chia-con-avena-230x140.jpg
biotrendies.com/wp-content/uploads/2018/11/ 11 KB
11 KB 39ms
35ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/11/semillas-de-chia-con-avena-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c1979d2f600bfc40844a361c305a7e083448c0edeed4c37a7dacd017d312b8ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10907
last-modified: Thu, 22 Nov 2018 08:53:24 GMT
server: cloudflare
etag: "5bf66e84-2a9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVtdQ%2BfnO7%2FDqhppd8XkdA2YlxcEqdjY8z1%2FWl0AnUE4vPrFosb%2F7IuD2Or7V5m9xgfm9Cf%2BTtXHltYc6l9i%2Fhc2wDjVl97ImMvNitHQwzFJjUi1IbPn1xTgdKntCfrSQgKRDvTEKpoDaCbnHVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c32bb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 clases-de-desayunos-para-deportistas-230x140.jpg
biotrendies.com/wp-content/uploads/2018/12/ 8 KB
8 KB 38ms
33ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/12/clases-de-desayunos-para-deportistas-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0de31d24ec42f3bdb5ffdb10298970c01c9c08c175efa7bb55bf44fb8a859f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8147
last-modified: Mon, 10 Dec 2018 14:12:01 GMT
server: cloudflare
etag: "5c0e7431-1fd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ojQ5PbNSNF78qSh0ALKVmwKbZ3hCeYcM7rFkW67sGKtACS0I3%2BleFfWI2vEZ%2B0A4YZOLgWhqF59E78%2Bop1YXtUK8T%2F8kgUbTVZwXq6d5krVSZRPmPj39rTAUVhILOVN%2BEt08NjO%2F11eu8LrH8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c33bb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 recetas-ensaladas-deportistas-456x226.jpg
biotrendies.com/wp-content/uploads/2018/12/ 25 KB
26 KB 20ms
16ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/12/recetas-ensaladas-deportistas-456x226.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7f04056cb728a5a3f20e053d475ecb8f6671ecd190e3f527741bd655c55545bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25980
last-modified: Mon, 17 Dec 2018 10:17:33 GMT
server: cloudflare
etag: "5c1777bd-657c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWvN6A5lSZ%2BpXcjQoD5AFOc2CN5NXgZ7zJ5HzSUO3Y8IjBoiLG%2FYxxJDeX%2BWEGQGRFKZ9l%2BsHpXmhAQeAuM3o309Hg1vOpTIV%2Fnvt%2FnBktitAr5gbBRlyxR5Js4MfHY%2Fds01AKb6Ic9F5r0tRrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c34bb49-FRA
expires: Tue, 28 Nov 2023 11:23:08 GMT

GET
H3 200 receta-pan-bizcocho-maicena-485x300.jpg
biotrendies.com/wp-content/uploads/2016/11/ 38 KB
38 KB 45ms
41ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2016/11/receta-pan-bizcocho-maicena-485x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: eefbd7c7a0f7a4014317a9e32a28a662dc05ac29473edad33b0e56f65a54372a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38687
last-modified: Thu, 01 Mar 2018 15:16:52 GMT
server: cloudflare
etag: "5a981964-971f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2uO6nyfWzyr9BPTBVrY6kGCw2CNxV2oNu%2BwepIgMfZ0oCmSKMFMX4%2BcMscTTMkqEyotySFkjXyMC5CS5B%2FhULN3FD%2BWzGvGRFMxOVnbldblfF%2FXDQoEpchSUNSVxADJDZE%2FXNP%2Fcd2hqTCiK%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c35bb49-FRA
expires: Tue, 28 Nov 2023 11:23:08 GMT

GET
H3 200 app-dieta-vegetariana-o-vegana-230x140.jpg
biotrendies.com/wp-content/uploads/2019/01/ 8 KB
8 KB 46ms
41ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2019/01/app-dieta-vegetariana-o-vegana-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 66a5505bbc5c467220a1964b0374e57ae040eed2301631bfd14b7f2292929eb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7932
last-modified: Fri, 18 Jan 2019 10:00:41 GMT
server: cloudflare
etag: "5c41a3c9-1efc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNtT%2BnbSLio9SUwANkCwtJdQ1vSMgZiEGDpCsRfL%2B88QOj8vgG7HzKBZvlyH%2Bypsgz%2BwlivTfQkzn7On6EAqeOsypYO1BEjSlI2YKGeMn%2F7yZY99oNNz2H8v7waWTxC3%2F2FB0ncFEmqE6Uz1vyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c38bb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 beneficios-cafe-verde-230x140.jpg
biotrendies.com/wp-content/uploads/2018/12/ 11 KB
12 KB 43ms
39ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/12/beneficios-cafe-verde-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2982ab2c16c42618aca6e59d7fca4807e78e8d58c2e14581e92dd43cbd804937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11368
last-modified: Wed, 19 Dec 2018 10:57:13 GMT
server: cloudflare
etag: "5c1a2409-2c68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKieD6xcCKv423aXKyvj0IquVTl8tKyNo7jYVHtEeI3zT6KgiU0iXVgjvMQoPEFfB86%2Fgmn5XMMBoTPV1HV9nkYogXznfxOYL9jyUWOjFi99Q6OHsfZ5A0WSBNrHWDJG%2BhRCqkB4WVNtBNZ2Pzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c39bb49-FRA
expires: Fri, 08 Dec 2023 17:22:43 GMT

GET
H3 200 que-es-la-kombucha-230x140.jpg
biotrendies.com/wp-content/uploads/2018/12/ 10 KB
10 KB 62ms
58ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/12/que-es-la-kombucha-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b73b5758bb57ab0520377782b0453de1152961c8f2b69ce30ea6ffc1b431a7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10079
last-modified: Wed, 05 Dec 2018 08:19:32 GMT
server: cloudflare
etag: "5c078a14-275f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QplW6SaTv1L8%2FJjS0Mh1SwDz0HgHf0e8pL4CzKK2nsbDuVu%2F4CYwvMuUMBSZ2kOlU%2F7ThbjsdzA5swaMgX5FYrCgfGtRsSzFI0bu1payYhXSwU9kFaxp2nkt0VT12twtKtzgYFCp9MNpI3kjesQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c3abb49-FRA
expires: Fri, 08 Dec 2023 11:25:34 GMT

GET
H3 200 comer-mas-al-dia-485x300.jpg
biotrendies.com/wp-content/uploads/2019/01/ 28 KB
29 KB 35ms
32ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2019/01/comer-mas-al-dia-485x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 758e1f5655b876c7760804722001519347d299d7cb2f574c623f473088fadd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28739
last-modified: Thu, 31 Jan 2019 11:52:50 GMT
server: cloudflare
etag: "5c52e192-7043"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YllkWvDUQ4wxLsbiQpaey962dQZiuLjLOU0AbEJV8Qi6G6BBlDSknMYuxkE1py4mc9BHLRbd03eHQgooKeUx%2FUdTTeE%2FLV8srFOUyoVK5LEItXiNapOtUjk8v5GPUHz%2Fox9mtN6YutAXUjM7u3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c3bbb49-FRA
expires: Sat, 02 Dec 2023 04:38:04 GMT

GET
H3 200 indicadores-calidad-alimentos-230x140.jpg
biotrendies.com/wp-content/uploads/2019/01/ 9 KB
9 KB 43ms
39ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2019/01/indicadores-calidad-alimentos-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6f00a7410918df766cb48e2cf606853e497190d5974fefe3607fd158c441efea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9057
last-modified: Mon, 07 Jan 2019 08:24:12 GMT
server: cloudflare
etag: "5c330cac-2361"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzpQh2oFqFisuG9pb4%2FgAXa5%2BxB0bhhQ0cZn4Epae1edIgNI6MWj7HwRH%2FQwExLekRQWanL9qC%2B2eUtWn8MdX5nMmcGIZccgzoZUruaLeme1rWQorkLnNastk7BV3kfJevSdLmlurC3J1ILhhxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c3cbb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 Para-que-son-buenas-las-cerezas-230x140.jpg
biotrendies.com/wp-content/uploads/2016/10/ 10 KB
10 KB 43ms
40ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2016/10/Para-que-son-buenas-las-cerezas-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d2aeb7fc7a5fd4a53f0ab8ff1f43323231580215fdcf086894328ae4ce713476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16429
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10106
last-modified: Tue, 18 Oct 2016 13:25:59 GMT
server: cloudflare
etag: "580622e7-277a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ag8DLD0CJA0na8az0BbZLXm0HUZyx1k2DfpPdJSJ0gZTEhE0HOPeq1CNGssnD99B1Hp%2FRkcnjA079HzR7NUkV318DB254ct%2FcLi0wY%2FKQHs2iZbZAOQpeX8m1ariPFQ%2B2XNgyJJX714We9PgGpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c3dbb49-FRA
expires: Tue, 28 Nov 2023 11:23:14 GMT

GET
H3 200 ensalada-proteica-de-tofu-230x140.jpg
biotrendies.com/wp-content/uploads/2018/12/ 12 KB
13 KB 58ms
55ms Image
image/jpeg 2606:4700:3030::ac43:ac5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biotrendies.com/wp-content/uploads/2018/12/ensalada-proteica-de-tofu-230x140.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:ac5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4417bbec2789d9868cc82b3ef4f9670ed8dca9abe7b4697d8f4be78a26e1fd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16428
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12309
last-modified: Thu, 13 Dec 2018 12:09:15 GMT
server: cloudflare
etag: "5c124beb-3015"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0019zdrH0jJprLkL51oGNmObL8aKZAQDeW4nf2F0QSxHi5y0%2Fsjm7wX%2BiR4SdMj%2BlGyeS9AKBN3%2B3dpg92Gmtic07WM%2Bg87ggQlsrCpHMGZDeIo5nUkjUPLopNoHzIAi7KNRdCPcvyAseyFrQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7769c3737c3ebb49-FRA
expires: Sun, 03 Dec 2023 09:16:38 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120601.js?cb=31071256

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 09 Dec 2022 00:53:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4952 13 KB
5 KB 24ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 22:08:14 GMT
expires: Fri, 08 Dec 2023 22:08:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 86EF 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f15f92634d2bddce61703e3289a2e01b08fd34e7d266fab774f14e79263c782c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WKz9wOl_Io8DoT_W1QyEBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://biotrendies.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-WKz9wOl_Io8DoT_W1QyEBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 00:53:23 GMT
expires: Fri, 09 Dec 2022 00:53:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 86EF 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120601&jk=960757076349717&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4952 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 16:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 16:38:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4952 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yw8qdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 287ms
91ms Preflight
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:23 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 2888 0
163 B 292ms
96ms XHR
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://biotrendies.com
date: Fri, 09 Dec 2022 00:53:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame B2D9 2 KB
2 KB 899ms
820ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1151714&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fbiotrendies.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C44422%2C1%2C&c4=true&c5=&c6=44422&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=97533471&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 752808add885c275b8b2237d85ecc722f0db5926abe9e470bd0121c2001d6151

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1397

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 248ms
92ms Preflight
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:23 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 6135 0
163 B 290ms
95ms XHR
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://biotrendies.com
date: Fri, 09 Dec 2022 00:53:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 0190 180 B
354 B 153ms
113ms XHR
application/xml 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1151715&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fbiotrendies.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C44422%2C1%2C&c4=true&c5=&c6=44422&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=68763878&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:23 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 93ms
92ms Preflight
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:23 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 6135 0
164 B 290ms
95ms XHR
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://biotrendies.com
date: Fri, 09 Dec 2022 00:53:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120601&jk=960757076349717&bg=!TU6lTgrNAAa7eOFIm3g7ACkAdvg8WmzYDKrmq6Nmn9QunJlBan0pGYDCmsK1Y2OznNx4oK_R445paQIAAABLUgAAAAJoAQcKAHbWnrOtIt2GVBbnhhsr6p3ii0kqDzlTTFcvqBGKs1-c5pd0MMAkHJO05qZgZhQZNUQ9HO_XKjHL1viAJyReGDGjlqspsqtFjbNjrvdAX2UeeGo2M9hd4KmP84ov_rJWh_Wxsc_9WV6S7Ejt92MSFm2W6TGxlL34mQKd49E2-sPfXF6V-os7zgLzQijNgb_rThCqwQ7-0d5wmLUclv2OOi35-wLWNE7l0u3M0gPy8FdasB1OiZ3P3OdOhttZocBuawzqxHBvH48PiOoO_O4wsupDEpBmkh4NChjbQh5HoEcrPr6Txb9ARz89ZELwMwBeBqEaCdsMtNjyFNcp1kUnXh2Pa1bfDH1dZJs5oICAp4RzN5I8-XDynBZCXL2cp5M6ry8QND_sXLufc468HkYmBdeWnBl0XEopC1H7L2lufOluU7Q5nADcdvpNfjNP2xPZyc1KxR6s-MNPcTj41VHrsvXREsu8AfOsQx4wqwDc__WGV5ROnt1uyLvmpfWHOwdKxj3Va9u0klWEqlBerip-jEWwgUuHa_5ZTFQJBFZ3u7sV4uAymDWpquEhV6JFUfL0YHjEOTyNxCrnSZCkbRcr9Vt5kRnrhqEYbPqEwxJIssceplVqFu5jggpB12AKIINRty5eVyRnSEDnLBYUqt4EpCxdaKz-sFIvmEbNQa-sjiUQCO8J3_tCmSgk8l3G69yicCJv1wc7vGOoRag-pIVr2WXOBRj2aOPJGZs59mKLOWIi29z2GqcuEHaSwdu9YB64rVj2NrY72XFPQkl0fw5Hs_gYNQtoswL9_IjwGZOGwcAdYpjbIzH5-Xvqmk2IEnKQO1zRC-OMOF7gRH9FGDzb9Ib5Uggx6rvRB0nqNDodUm7sgPy1klKDB78_aBgoKdiVH4T14flsY-GWqvdaRiy5sLX3Oy8sqqpOO-HJ7cFICSU6AJnuZAIrj9z4NEqVQlDclh7N5iTwQgFFF2kxTZL6tG_GH6EJ2ijXY4fqRtKh-85jyAlpa99gJVXGNkb9FezgfwzdfLnjfLaNg8ZPMZlaubwaXeXgEih6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame A6B6 230 KB
61 KB 22ms
21ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1670547204.cds298.lo4.hn,1670547204.cds322.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 023F 4 KB
2 KB 22ms
22ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Fri, 09 Dec 2022 00:53:24 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1670547204.cds298.lo4.hn,1670547204.cds074.lo4.c

POST
H2 200 ad Show response
v.lkqd.net/ Frame A6B6 132 KB
7 KB 439ms
438ms XHR
application/json 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1151714&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fbiotrendies.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C44422%2C1%2C&c4=true&c5=&c6=44422&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=97533471&m=&rtv=1&thost=biotrendies.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: bf0a0841e08a655da1a0e657acd34100da24310eaa8ecc6d2a6a0d6ca78d614f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Dec 2022 00:53:25 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6595

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 607ms
133ms Preflight 69.20.43.192
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1151714&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fbiotrendies.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C44422%2C1%2C&c4=true&c5=&c6=44422&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=97533471&m=&rtv=1&thost=biotrendies.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Fri, 09 Dec 2022 00:53:25 GMT
server: nginx

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cs
cs.lkqd.net/ Frame 023F
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa

43 B
308 B

91ms
91ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8a80a916-d1b4-446c-98c8-6b1d5ace5ffa
date: Fri, 09 Dec 2022 00:53:24 GMT
server: _
content-length: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 023F 43 B
308 B 91ms
90ms Image
image/gif 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 023F 43 B
308 B 92ms
91ms Image
image/gif 146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 023F
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526

43 B
308 B

91ms
91ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7329620901889215526
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 023F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo

43 B
308 B

91ms
91ms

Image
image/gif

146.20.128.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=qNkVPHBrSTpaAlcLv4sSr8EbDgo
Date: Fri, 09 Dec 2022 00:53:24 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 6EF7 0
163 B 96ms
96ms XHR
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://biotrendies.com
date: Fri, 09 Dec 2022 00:53:24 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:24 GMT
server: nginx

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
528 B 170ms
94ms XHR
text/xml 37.157.4.23

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fbiotrendies.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://biotrendies.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
527 B 176ms
101ms XHR
text/xml 37.157.4.23

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fbiotrendies.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://biotrendies.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 832 B
1 KB 21ms
20ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C48271566082445783022147312494%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 02c146eed16727eab5f6f32f7832f52606df55d46c5762231841c5897fa67c97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 832
x-sticky-vk: 1670547205232095-593
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1005 B
865 B 319ms
18ms XHR
application/xml 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C48271566082445783021785909034%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 80b82ac05a41f865360a9b50b943c79d70fec2753fde04d3f89f96915ce9cb45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:25 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 622
expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 831 B
1 KB 41ms
21ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C4827156608244578302536604116%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b6088b1748eb3166fa1aace9919907d2ddfe0cbd3e3feba67278b91ab22138a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 831
x-sticky-vk: 1670547205514030-516
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 816 B
1 KB 45ms
21ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C19940342794827156608244578302,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20d74da5fdf1f0308a23aa5c1deb07b2fa0679468766e3f557e8612b6fa3ea8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 816
x-sticky-vk: 1670547205365067-604
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1005 B
865 B 317ms
18ms XHR
application/xml 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C13452695594827156608244578302%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: eb2c1e49d6af2c8d4ff3d1e84a39e530283c4ae532fa9c344122b12d652adb3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:25 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 622
expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 816 B
1 KB 44ms
21ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C10377023654827156608244578302,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5e0b447c02bc696b6d57d003a34b182d26ca3d3ca745e7df1327bbb10ca76ce5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 816
x-sticky-vk: 1670547205545025-547
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 832 B
1 KB 45ms
20ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C48271566082445783021262725816%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c6b8859d238ebae10c8f4e5e5bcb855af52a775a430ddaccb78454232932297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 832
x-sticky-vk: 1670547205508031-527
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 815 B
1 KB 60ms
36ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C2143343224827156608244578302,,&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c69ef28fd0b1ce9702c2ba0fc4d83e75a5a15e64d9f92d0fe8d4dea8ca8f8050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 815
x-sticky-vk: 1670547205376066-569
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 803 B
1 KB 72ms
47ms XHR
application/xml 184.86.251.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C44422%2C1%2C48271566082445783021261806702%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0e3b0ccb2bb79b41ec95f9f5c66b180d7bb7ea259d86a4f17eef79dcbd81b38e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biotrendies.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:25 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 803
x-sticky-vk: 1670547205301090-534
Expires: Fri, 09 Dec 2022 00:53:25 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:25 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 6EF7 0
163 B 199ms
198ms XHR
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://biotrendies.com
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_f51ac984.js Show response
vpaid.springserve.com/production/ Frame 130F 506 KB
89 KB 65ms
15ms Script
application/javascript 2600:9000:238d:4c00:15:6f6c:b180:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:4c00:15:6f6c:b180:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:09:30 GMT
content-encoding: br
via: 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 22:05:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 114237
etag: W/"b030ae2df4f66a78701be0f4e1a3a52f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: HPtR5PalnI6hfxPnfxPmzzUqH3HpKPAsC5VOZTs2jL2sAQfseEAwOg==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 t Show response
t.lkqd.net/ Frame 6EF7 0
163 B 176ms
176ms XHR
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://biotrendies.com
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.185
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.185 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://biotrendies.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://biotrendies.com
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:26 GMT
server: nginx

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 40C7 52 KB
17 KB 35ms
8ms Document
text/html 88.221.168.189

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.189 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 09 Dec 2022 00:53:26 GMT
ETag: "623de86a-cf34"
Expires: Sat, 10 Dec 2022 00:53:28 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 130F 975 B
844 B 17ms
17ms XHR
application/xml 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 51d9cf38ff2857352797a50262a4e9f429bf168316541e65b079b3bc229410fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 601
expires: Fri, 09 Dec 2022 00:53:26 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 130F 166 B
1 KB 109ms
73ms XHR
application/json 185.89.211.84

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

b374f2b5b7e64ef8b98db42013829dac16bb1f78613d6eb5bb1d553a266bcd84

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
AN-X-Request-Uuid: 43316f50-478e-47e0-985d-5746de8ffbb0
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 130F 165 B
1 KB 107ms
72ms XHR
application/json 185.89.211.84

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

979d141f4fce5acfe4077c3df524606233fef9d5a01bcf8c3e70cd8e808b66b5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
AN-X-Request-Uuid: e5370594-40ff-4bcc-bccb-ddd8c27edb0d
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 130F 166 B
1 KB 114ms
79ms XHR
application/json 185.89.211.84

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

64664fdcfb975de2cd9013fa018f137afcb455d77b7e5098e7ab737b5e9121c2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
AN-X-Request-Uuid: 610ae990-e2b2-48f3-b2ba-36006fccdee0
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://biotrendies.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ssusersync Show response
vid.springserve.com/ Frame 130F 5 KB
5 KB 108ms
31ms Script
application/javascript 52.16.195.255

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/ssusersync
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.195.255 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6bbfe1bc0c12baabbad8b696a4a21279a6f55a4f748be8df8d6befb1c528016e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 5175
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 8C9A 158 KB
37 KB 14ms
14ms Script
application/javascript 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 40C7
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
813 B

14ms
14ms

Script
text/html

185.89.211.84

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.89.211.84 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
AN-X-Request-Uuid: 104b345f-9816-43e9-aa31-1b3ab16720ca
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
AN-X-Request-Uuid: 00e576be-98fc-4571-acf5-ccb57455069d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame CB64 38 KB
14 KB 24ms
16ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=87654
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Fri, 09 Dec 2022 00:53:26 GMT
expires: Sat, 10 Dec 2022 01:14:20 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8C9A 38 KB
14 KB 23ms
14ms Script
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=87654
accept-ranges: bytes
content-length: 13946
expires: Sat, 10 Dec 2022 01:14:20 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame CB64 3 KB
3 KB 50ms
13ms Script
text/html 185.64.189.115

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60183329&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5df705e1f512d3a25133e8f767a3f744841485b93d72a931db6e27737e48459a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:25 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 14048 Show response
rtb.gumgum.com/usync/ Frame BE07 55 B
211 B 103ms
28ms Document
text/html 18.200.80.180

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by: Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.80.180 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 09 Dec 2022 00:53:26 GMT
etag: W/"0656d408e84feebb88e950b10efb49503"
server: nginx
timing-allow-origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B7A4 15 KB
6 KB 18ms
14ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by: Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=89621
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 00:53:26 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 10 Dec 2022 01:47:07 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
unused62: 8096267
vary: Accept-Encoding

GET
H2

200

usersync
sync.springserve.com/ Frame 130F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=4477619247011178657

43 B
206 B

108ms
29ms

Image
image/gif

34.250.30.250

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=4477619247011178657
Protocol: H2
Server: 34.250.30.250 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
AN-X-Request-Uuid: 8305a93d-eaf0-4952-aa8f-79f9ce838aa4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=4477619247011178657
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204 syncb
sync.bfmio.com/ Frame 130F 0
78 B 447ms
96ms Image
text/plain 34.231.237.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.237.27 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 09 Dec 2022 00:53:26 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 130F 0
55 B 41ms
6ms Image
text/html 18.158.8.202

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.8.202 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:25 GMT
content-length: 0
content-type: text/html

GET
H2

200

usersync
sync.springserve.com/ Frame 130F
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%2...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=184932&us_...
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Y5KHBhNnIZuyGYZNA53mvwAA%265162

43 B
205 B

29ms
29ms

Image
image/gif

34.250.30.250

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Y5KHBhNnIZuyGYZNA53mvwAA%265162
Protocol: H2
Server: 34.250.30.250 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVnTgRHXy0qKNjRbdQddRhUxn6iYOjCk8qpNRLio0FXw98Lg%2FS%2FYtaW9ObSnP5GdhNbcnwnxPpoS6LCHOSbkAWyiiZzs7gnaRmdLuRdJbn22JK1n00C%2BpExlRgMhbDbysNw5WlCt"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Y5KHBhNnIZuyGYZNA53mvwAA%265162
cache-control: no-cache
cf-ray: 7769c3877eedb790-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58185/ Frame 130F
Redirect Chain

https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true

0
15 B

11ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.25
content-length: 373
content-language: en

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 130F 43 B
350 B 60ms
15ms Image
image/gif 35.186.253.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: v42sgi76ajep98147ujqd2pata8rto3i

GET
H2

200

usersync
sync.springserve.com/ Frame 130F
Redirect Chain

https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uu...
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=HXfjUQmliQ82&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1

43 B
205 B

29ms
29ms

Image
image/gif

34.250.30.250

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=HXfjUQmliQ82&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Protocol: H2
Server: 34.250.30.250 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=HXfjUQmliQ82&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
content-language: de-DE
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-574cff5bc6-5ml9b
expires: -1

GET
H2

200

usersync
sync.springserve.com/ Frame 130F
Redirect Chain

https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_...
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT

43 B
205 B

77ms
30ms

Image
image/gif

34.250.30.250

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Protocol: H2
Server: 34.250.30.250 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

location: https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
etag: OPTOUT
content-type: text/html

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame 130F 49 B
533 B 468ms
113ms Image
image/gif 69.166.1.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:26 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-21
Content-Type: image/gif
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

usersync
sync.springserve.com/ Frame 130F
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=e3a143f6-775b-11ed-ad2d-14f0ef8b0306

43 B
205 B

30ms
30ms

Image
image/gif

34.250.30.250

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=e3a143f6-775b-11ed-ad2d-14f0ef8b0306
Protocol: H2
Server: 34.250.30.250 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 09 Dec 2022 00:53:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

Date: Fri, 09 Dec 2022 00:53:26 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=e3a143f6-775b-11ed-ad2d-14f0ef8b0306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 109
Connection: keep-alive
Content-Length: 0

GET
H2

200

verify
pbs.publishers.tremorhub.com/pubsync/ Frame 130F
Redirect Chain

https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid...
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D...

43 B
182 B

108ms
108ms

Image
image/gif

2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Protocol: H2
Server: 2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 09 Dec 2022 00:53:26 GMT
server: Apache-Coyote/1.1
content-type: image/gif

Redirect headers

location: pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
date: Fri, 09 Dec 2022 00:53:26 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 getuid
eb2.3lift.com/ Frame 130F 37 B
140 B 46ms
8ms Image
image/gif 13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 pbsync
ads.yieldmo.com/ Frame 130F 0
35 B 159ms
32ms Image
text/plain 34.240.38.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.38.30 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 130F 0
45 B 245ms
25ms Image
text/plain 185.86.139.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:25 GMT
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58518/ Frame 130F 0
38 B 13ms
11ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

sync
sync.sxp.smartclip.net/ Frame 130F
Redirect Chain

https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1

42 B
59 B

31ms
8ms

Image
image/gif

35.186.194.101

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Protocol: H3
Server: 35.186.194.101 -, , ASN (),
Reverse DNS
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Fri, 09 Dec 2022 00:53:26 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 130F 0
35 B 61ms
7ms Image
text/plain 52.28.99.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.99.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 130F 43 B
145 B 8ms
7ms Image
image/gif 52.58.214.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=1&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.214.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-214-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 4295
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=

35 B
467 B

24ms
23ms

Document
image/gif

37.157.2.234

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 09 Dec 2022 00:53:26 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Fri, 09 Dec 2022 00:53:26 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DEF5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:095d6392-8706-4c00-9f30-f20d4e287ca5&gdpr=0&gdpr_consent=

42 B
325 B

21ms
21ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:095d6392-8706-4c00-9f30-f20d4e287ca5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Fri, 09 Dec 2022 00:53:26 GMT
Expires: Fri, 09 Dec 2022 00:53:25 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master cdg-pixel-x9 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:095d6392-8706-4c00-9f30-f20d4e287ca5&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D21B
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7271886883554642821

42 B
274 B

672ms
13ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7271886883554642821
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7271886883554642821
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 8429 43 B
363 B 247ms
16ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 00:53:26 GMT
expires: Fri, 09 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 419048
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame B3A9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

188ms
188ms

Document
image/gif

67.220.224.144

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 09 Dec 2022 00:53:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: PG11GXH6CHTGCNC5Q8A5

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 09 Dec 2022 00:53:26 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QNFVFVWRKW13BQKG93JJ

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B8FC
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4477619247011178657&gdpr=0&gdpr_consent=

42 B
447 B

70ms
21ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4477619247011178657&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 2e8b3cd0-f24e-4193-a08a-4c9aaeda6df7
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Dec 2022 00:53:26 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4477619247011178657&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CB64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TV31dlFzRSijvG-dhXYO5A%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

15ms
14ms

Image
text/html

23.35.236.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 09 Dec 2022 00:53:26 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=UTF-8
cache-control: max-age=89621
accept-ranges: bytes
content-length: 5549
expires: Sat, 10 Dec 2022 01:47:07 GMT

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame CB64
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db626392-8706-4600-94a0-29bf7d9a09a9

0
260 B

60ms
13ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db626392-8706-4600-94a0-29bf7d9a09a9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Fri, 09 Dec 2022 00:53:26 GMT
Server: MT3 180 1fd3e2d master cdg-pixel-x26 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=db626392-8706-4600-94a0-29bf7d9a09a9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 09 Dec 2022 00:53:25 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame CB64
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
265 B

48ms
30ms

Image
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CB64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEQ1REY1NzYtNTE3My00NTI4LUEzQkMtNkY5RDg1NzYwRUU0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

770ms
13ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame CB64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVQhBpoWkWXG3xCLyjOzLE&google_cver=1

42 B
532 B

733ms
12ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVQhBpoWkWXG3xCLyjOzLE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFVQhBpoWkWXG3xCLyjOzLE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CB64 43 B
612 B 54ms
14ms Image
image/gif 35.204.158.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 08 Dec 2022 00:53:26 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame CB64
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4971614028004017642

42 B
297 B

21ms
21ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4971614028004017642
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4971614028004017642
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CB64 70 B
264 B 99ms
31ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 8C9A 27 B
549 B 298ms
54ms XHR
application/xml 185.64.190.75

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,&us_privacy=&cb=1670547206140&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fbiotrendies.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fbiotrendies.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-12-9%200:53:26&ranreq=0.49546597878474175&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://biotrendies.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 8C9A 0
91 B 254ms
13ms Image
text/plain 185.64.189.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1670547207&wa=0&vadsId=-1&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 40C7 0
741 B 14ms
14ms Script
text/html 185.89.211.84

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 00:53:27 GMT
AN-X-Request-Uuid: ec6b8742-758a-4941-a2eb-5229fa1b01dc
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 193.27.14.10; 193.27.14.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 130F 975 B
844 B 18ms
18ms XHR
application/xml 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_f51ac984.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: dc3e28bcd7955bdf3e2adca7b284d5522a26aee62cdb3276e7b0258b7b87f3a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 00:53:27 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://biotrendies.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 601
expires: Fri, 09 Dec 2022 00:53:27 GMT

GET
H2 200 track
st.pubmatic.com/ Frame 130F 0
49 B 13ms
13ms Image
text/plain 185.64.189.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1670547206&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame FC32 158 KB
37 KB 16ms
16ms Script
application/javascript 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:27 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 309F 38 KB
14 KB 18ms
17ms Document
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=87653
content-encoding: gzip
content-length: 13946
content-type: text/html
date: Fri, 09 Dec 2022 00:53:27 GMT
expires: Sat, 10 Dec 2022 01:14:20 GMT
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame FC32 38 KB
14 KB 16ms
15ms Script
text/html 23.35.236.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fbiotrendies.com%2F&schain=1.0,1!vidoomy.com,44422,1,1670547205522,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:27 GMT
content-encoding: gzip
last-modified: Tue, 05 Jul 2022 05:32:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=87653
accept-ranges: bytes
content-length: 13946
expires: Sat, 10 Dec 2022 01:14:20 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 309F 2 KB
2 KB 14ms
13ms Script
text/html 185.64.189.115

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=74256643&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14226a859d2b7fdbd576c06ad9e052084a9cc984775a26172c26dda72a1a4f69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 09 Dec 2022 00:53:26 GMT
content-length: 1993
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 02ED
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gjr7FIw-8heZPqRC0DjvHtA68hSZa_dHgT-HZNyd

42 B
341 B

12ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gjr7FIw-8heZPqRC0DjvHtA68hSZa_dHgT-HZNyd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 09 Dec 2022 00:53:27 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gjr7FIw-8heZPqRC0DjvHtA68hSZa_dHgT-HZNyd
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5F6F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174945620495431821&gdpr=0&gdpr_consent=

42 B
322 B

21ms
21ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174945620495431821&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 09 Dec 2022 00:53:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 09 Dec 2022 00:53:27 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7174945620495431821&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET sync
sync.srv.stackadapt.com/ Frame 1C89 0
0

GET pm
match.prod.bidr.io/cookie-sync/ Frame 8F34 0
0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 76A7 0
0

GET

Artemis
aud.pubmatic.com/AdServer/ Frame 309F
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&addseg=19,36,42

0
0

GET info
uipglob.semasio.net/pubmatic/1/ Frame 309F 0
0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 309F 95 B
382 B 49ms
23ms Image
image/png 2606:4700:10::ac43:db6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4D5DF576-5173-4528-A3BC-6F9D85760EE4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:27 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 7769c38dc8049b58-FRA
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame 309F 0
0

GET

sync
r.scoota.co/ Frame 309F
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

0
0

GET 4D5DF576-5173-4528-A3BC-6F9D85760EE4
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 309F 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 309F
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-R_rO6txE2uXPAATeLTEcbMgLRoLJPG0-~A&gdpr=0&gdpr_consent=

0
48 B

13ms
13ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-R_rO6txE2uXPAATeLTEcbMgLRoLJPG0-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 00:53:26 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-R_rO6txE2uXPAATeLTEcbMgLRoLJPG0-~A&gdpr=0&gdpr_consent=
date: Fri, 09 Dec 2022 00:53:27 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET current
pubmatic-match.dotomi.com/match/bounce/ Frame 309F 0
0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 309F 0
191 B 57ms
12ms Image
text/plain 98.98.134.243

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 -, , ASN (),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 09 Dec 2022 00:53:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
expires: Tue, 11 Oct 1977 12:34:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.yieldpass.com
URL: https://cdn.yieldpass.com/fwol8r.js

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1151714&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fbiotrendies.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C44422%2C1%2C&c4=true&c5=&c6=44422&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=52093252&m=

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1151715&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fbiotrendies.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C44422%2C1%2C&c4=true&c5=&c6=44422&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=57713531&m=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Domain: aud.pubmatic.com
URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&addseg=19,36,42

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4D5DF576-5173-4528-A3BC-6F9D85760EE4&sInitiator=external&gdpr=0&gdpr_consent=

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=4D5DF576-5173-4528-A3BC-6F9D85760EE4

Domain: r.scoota.co
URL: https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/4D5DF576-5173-4528-A3BC-6F9D85760EE4?gdpr=0&gdpr_consent=

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4D5DF576-5173-4528-A3BC-6F9D85760EE4&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.biotrendies.com/	1970-01-20 08:03:53	Name: _gid Value: GA1.2.231197395.1670547200
.biotrendies.com/	1970-01-20 10:12:03	Name: _fbp Value: fb.1.1670547199822.416249570
.bidswitch.net/	1970-01-20 16:48:03	Name: tuuid Value: ab5f50e8-b485-4237-93e5-551b3ad984ba
.bidswitch.net/	1970-01-20 16:48:03	Name: c Value: 1670547199
.bidswitch.net/	1970-01-20 16:48:03	Name: tuuid_lu Value: 1670547199
.yahoo.com/	1970-01-20 16:48:24	Name: A3 Value: d=AQABBP-GkmMCEBx63adRsAenbWNUGVQlcsUFEgEBAQHYk2OcYwAAAAAA_eMAAA&S=AQAAAmkZoofqvCZPgifzF2XF_5c
.ads.stickyadstv.com/	1970-01-20 08:45:39	Name: UID Value: 1c2a52be907297318f8ef149e767d
.analytics.yahoo.com/	1970-01-20 16:48:03	Name: IDSYNC Value: 1982~28qo
.biotrendies.com/	1970-01-20 08:02:27	Name: _gat Value: 1
a.vidoomy.com/	1970-01-20 16:48:03	Name: SSCookie Value: 1
.biotrendies.com/	1970-01-20 17:38:27	Name: _ga_Q4ZH35M7DF Value: GS1.1.1670547200.1.0.1670547200.0.0.0
.biotrendies.com/	1970-01-20 17:38:27	Name: _ga Value: GA1.1.856531091.1670547200
.doubleclick.net/	1970-01-20 17:24:03	Name: IDE Value: AHWqTUnu_31hkaOeW5xrLdplJ1-rZs3AtAT82Lkz-xtljjIQ9Ou8PjXFH2sRC8o9hYc
.biotrendies.com/	1970-01-20 16:48:03	Name: _hjSessionUser_793692 Value: eyJpZCI6IjNkMmJlMGEyLTYyNWQtNTJmYS04NDU3LWJhNDNhODJhMzQxYSIsImNyZWF0ZWQiOjE2NzA1NDcxOTk5NDMsImV4aXN0aW5nIjpmYWxzZX0=
.biotrendies.com/	1970-01-20 08:02:29	Name: _hjFirstSeen Value: 1
biotrendies.com/	1970-01-20 08:02:27	Name: _hjIncludedInSessionSample Value: 0
.biotrendies.com/	1970-01-20 08:02:29	Name: _hjSession_793692 Value: eyJpZCI6ImQ0MzJlYTJjLWJlNWUtNGNhZi1iZDQ4LTMzMjdjYjRiOWI0MCIsImNyZWF0ZWQiOjE2NzA1NDcyMDAxODMsImluU2FtcGxlIjpmYWxzZX0=
biotrendies.com/	1970-01-20 08:02:27	Name: _hjIncludedInPageviewSample Value: 1
.biotrendies.com/	1970-01-20 08:02:29	Name: _hjAbsoluteSessionInProgress Value: 0
.csync.loopme.me/	1970-01-20 10:12:03	Name: viewer_token Value: 8a80a916-d1b4-446c-98c8-6b1d5ace5ffa
.turn.com/	1970-01-20 12:21:39	Name: uid Value: 7329620901889215526
sync.srv.stackadapt.com/	1970-01-20 16:48:03	Name: sa-user-id Value: s%3A0-a8d9153c-706b-493a-5a02-570bbf8b12af.E6U9oiBhNrP0UE697UYi0fQnIgT0OD6Jj%2FPK%2FS%2FdGeE
.srv.stackadapt.com/	1970-01-20 16:48:03	Name: sa-user-id-v2 Value: s%3AqNkVPHBrSTpaAlcLv4sSr8EbDgo.Iv2W2bxWtg0XDp768pOSylMtnGdB8%2B5YySA8Tn4qxHY
.quantserve.com/	1970-01-20 17:32:41	Name: mc Value: 63928701-7fdd1-8d302-b5a56
.biotrendies.com/	1970-01-20 17:26:56	Name: __qca Value: P0-1422413116-1670547200130
.doubleclick.net/	1970-01-20 08:02:28	Name: test_cookie Value: CheckForPermission
.biotrendies.com/	1970-01-20 17:24:03	Name: __gads Value: ID=33c636597cb84a24:T=1670547200:S=ALNI_MY_rkTZSoCx6N9KzD1x0cuyDQ48hA
.biotrendies.com/	1970-01-20 17:24:03	Name: __gpi Value: UID=00000b8fa085970d:T=1670547200:RT=1670547200:S=ALNI_MbFWdwUk-Jwu7ZNqyNojU-dKWFFSg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.yieldpass.com/fwol8r.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9671774946167201&output=html&adk=1812271804&adf=3025194257&lmt=1670547200&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fbiotrendies.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670547199749&bpp=4&bdt=532&idt=324&shv=r20221130&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7000165271034&frm=20&pv=2&ga_vid=856531091.1670547200&ga_sid=1670547200&ga_hid=234557798&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760911%2C31071220%2C44779793&oid=2&pvsid=960757076349717&tmod=793297497&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=338 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36e4c8c3a5077285786bf939c281264c.safeframe.googlesyndication.com
a.audrte.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
assets.pinterest.com
aud.pubmatic.com
bh.contextweb.com
biotrendies.com
c1.adform.net
cdn.yieldpass.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.emxdgt.com
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
in.hotjar.com
log.pinterest.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
maxcdn.bootstrapcdn.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.publishers.tremorhub.com
perspective.cdsignner.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
r.scoota.co
region1.google-analytics.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum.casalemedia.com
st.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.sxp.smartclip.net
t.lkqd.net
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
v.lkqd.net
vars.hotjar.com
vid.pubmatic.com
vid.springserve.com
vpaid.pubmatic.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.audrte.com
aud.pubmatic.com
cdn.yieldpass.com
match.prod.bidr.io
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
r.scoota.co
sync-tm.everesttech.net
sync.srv.stackadapt.com
uipglob.semasio.net
v.lkqd.net
104.18.33.19
13.248.245.213
13.32.27.16
141.94.171.213
142.250.186.130
146.20.128.67
146.20.132.185
151.101.192.84
151.139.128.10
178.250.0.163
18.156.0.31
18.158.8.202
18.200.80.180
18.66.147.62
184.86.251.220
185.29.134.244
185.64.189.110
185.64.189.115
185.64.189.221
185.64.190.75
185.64.190.80
185.86.139.103
185.89.211.84
185.94.180.125
198.148.27.140
198.47.127.20
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.44
23.35.236.201
2600:1f18:612b:4232:2c9c:1ca6:2cc6:969c
2600:9000:238c:1a00:6:44e3:f8c0:93a1
2600:9000:238d:4c00:15:6f6c:b180:93a1
2606:4700:10::ac43:db6
2606:4700:3030::ac43:ac5b
2606:4700:3033::6815:3fe2
2606:4700::6812:bcf
2606:4700:e2::ac40:850f
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2002
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:806::2003
2a00:1450:4001:810::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:26f0:6c00:297::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.19.54.139
3.66.71.88
34.231.237.27
34.240.38.30
34.250.30.250
35.186.194.101
35.186.253.211
35.204.158.49
35.214.223.115
35.71.131.137
37.157.2.234
37.157.4.23
52.16.195.255
52.222.236.43
52.28.99.48
52.58.214.36
54.237.254.37
67.220.224.144
69.166.1.12
69.20.43.192
85.114.159.93
88.221.168.189
91.208.197.151
98.98.134.243
99.81.68.255
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02c146eed16727eab5f6f32f7832f52606df55d46c5762231841c5897fa67c97
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0a4ce60b746511909ac0a0ed43f4b5068ced6adecbb79a6a51dd80468afab103
0a56bbd45d5e25aa5fc4b77e4535878c45ec7665b7ba4ecc056a22edd7df9ccb
0de31d24ec42f3bdb5ffdb10298970c01c9c08c175efa7bb55bf44fb8a859f0e
0e3b0ccb2bb79b41ec95f9f5c66b180d7bb7ea259d86a4f17eef79dcbd81b38e
0f4d95b831d80e630a67f65cae1c1c8a86c1de75ff411f75665ff4d3af18a5c8
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
1185fb47222238223724a8b2611d6ee5f14f094eb6ecb63ba4396936a5f1182a
14226a859d2b7fdbd576c06ad9e052084a9cc984775a26172c26dda72a1a4f69
14832c341e4f4678bb6e59d73dce5dabff413bf8ee5375884913d0f8952197e7
15958574113c38a99e576b2ba29f8babbed7d5ed02103ea9153b4097f6b68079
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188bf1db6765885d693741114cfd53fee22fd0d1a4687f0c86eeb69da69a9dde
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b7df8f348787d9fa760018b0f088ab687bbc70718df1d62e8084e30a3584491
20d74da5fdf1f0308a23aa5c1deb07b2fa0679468766e3f557e8612b6fa3ea8a
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2189c0726ee0c6fab7890ea16c51def1e7c2f04ade183cd28db949a66e113331
237e70a24d2e720908479a80733c287c0fce31059e45a52bab0054be57922286
281d704874a4f296b2e6ec2fcd9464321440a876204662f267df4b0347aff7ca
28d927c75720da4571d2cbfec07c8715eea21c254aed3c26bd6504c125176d9d
28fa8851b95b138e8ed9b148a88f65978e8fbb06e75c60a66aea6ccfb1ab4845
2982ab2c16c42618aca6e59d7fca4807e78e8d58c2e14581e92dd43cbd804937
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e05a099697256c998974e9155f9d6c2c2df700504628e7cb30977fe773eb63c
306b35a65223c5c0d9d2fabf4ef4366697c4a1443ebecee87f1014bad92493a8
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3c7f1fcfe1a04aeb09097c95bebdc0e577157a41897f1ff46289155b932ba123
3cbb3836ce829993a71a6d014fd5146944ebb206134c18793df0830af12b868a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4417bbec2789d9868cc82b3ef4f9670ed8dca9abe7b4697d8f4be78a26e1fd0c
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4aefbe7291db76250bf01a51c93912b9967305cbc43f7b612c8779c72b42ec27
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
4fd4df834a59275be0e4dd26c23ee1e21d39d1a5caa18885f7aaaee3b83d2584
51d9cf38ff2857352797a50262a4e9f429bf168316541e65b079b3bc229410fb
5266a11278de436c711a6fc1ab0618616f2495135c0157b21899c11f19ab163a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ac8c780aad1682b5f063f87439ea2c0810fabbdd0b90de246f8ac121ab661b
54e383dfafc67c2952bdbf7268cfedf14ea1bdf6a7ce55305df763277bcbff2b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
5c6b8859d238ebae10c8f4e5e5bcb855af52a775a430ddaccb78454232932297
5df705e1f512d3a25133e8f767a3f744841485b93d72a931db6e27737e48459a
5e0b447c02bc696b6d57d003a34b182d26ca3d3ca745e7df1327bbb10ca76ce5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
64664fdcfb975de2cd9013fa018f137afcb455d77b7e5098e7ab737b5e9121c2
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66a5505bbc5c467220a1964b0374e57ae040eed2301631bfd14b7f2292929eb2
6bbfe1bc0c12baabbad8b696a4a21279a6f55a4f748be8df8d6befb1c528016e
6f00a7410918df766cb48e2cf606853e497190d5974fefe3607fd158c441efea
74b03851b17506833b0506eb8292bd9842e5b32aaaccb1b5553fa967b65db792
752808add885c275b8b2237d85ecc722f0db5926abe9e470bd0121c2001d6151
758e1f5655b876c7760804722001519347d299d7cb2f574c623f473088fadd0e
75a06255783cd39b9a9f24cd51d3a9c0ee78b535636b8dfca075a8e519416937
77a93e68028efa253cbbf69be8ec98c22ff4a06e3e26e326da02fba99385e363
79e6006e71c59f2fae37df71d1daf955d6b07691678ba914e69c39618e89dff6
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f04056cb728a5a3f20e053d475ecb8f6671ecd190e3f527741bd655c55545bb
80b82ac05a41f865360a9b50b943c79d70fec2753fde04d3f89f96915ce9cb45
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8744f257a9b562818ba572dd84b9bd87971103e6fca0e32ce5284b9359c9c4d4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
949ef00ce71e069fc69a6b829771726245072e18e56b264c536837c459b3febf
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
974114ddacc3159ceec2fa3b2068fd417f0c98e1ccff853769ad5be26810e7bf
979d141f4fce5acfe4077c3df524606233fef9d5a01bcf8c3e70cd8e808b66b5
98fdce10a4c46e5b54d154a1b6ab14d085a43bc7270d900e0cf18cab9c679335
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
b374f2b5b7e64ef8b98db42013829dac16bb1f78613d6eb5bb1d553a266bcd84
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6088b1748eb3166fa1aace9919907d2ddfe0cbd3e3feba67278b91ab22138a2
b73b5758bb57ab0520377782b0453de1152961c8f2b69ce30ea6ffc1b431a7bb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf0a0841e08a655da1a0e657acd34100da24310eaa8ecc6d2a6a0d6ca78d614f
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c1979d2f600bfc40844a361c305a7e083448c0edeed4c37a7dacd017d312b8ce
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c69ef28fd0b1ce9702c2ba0fc4d83e75a5a15e64d9f92d0fe8d4dea8ca8f8050
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d073fb4f4eec190af7bf7282c4fecca1001c25616f87f23d5aaa8dbe16d37e2d
d1c924248b681f4284ac0d51271a4c1a7bb654bffc4d9370e12cca346f5e34e8
d2aeb7fc7a5fd4a53f0ab8ff1f43323231580215fdcf086894328ae4ce713476
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d8f59a8790814ecde699f1495139c8559bb0526294f348e1a1381e89c044cec9
dc3e28bcd7955bdf3e2adca7b284d5522a26aee62cdb3276e7b0258b7b87f3a5
de71b7a2bb712dfe4b14ef2af0c85873821e4757eaff97c8a77451980bbabf5f
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2c1e49d6af2c8d4ff3d1e84a39e530283c4ae532fa9c344122b12d652adb3e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eefbd7c7a0f7a4014317a9e32a28a662dc05ac29473edad33b0e56f65a54372a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4a4fd14b8b5a3bff66a3ca1d54f941b1be445079f64a2c9238fa87c44e5f1f
ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71
f15f92634d2bddce61703e3289a2e01b08fd34e7d266fab774f14e79263c782c
f5e8aeb126ca69e3103e4e08d045a830eeb568dc8056f088f4c6da39efcca93e
f6bf316f2ed512cc95640b6f97edc6f55f791a2481b6b1d28116d279a1198d8f
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f87afa0cbe8634c0e7e88bb0bd7bc08b21174b8c1e74c4aa474e4517ad18e860
fef4dc6db1497b5e4a381488aa730b6ce27d0d8a7fe9c3ca81ab836e00bca4ce

biotrendies.com Open in urlscan Pro 2606:4700:3030::ac43:ac5b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

82 %HTTPS

36 %IPv6

65 Domains

98 Subdomains

73 IPs

7 Countries

2522 kBTransfer

7212 kBSize

28 Cookies

4 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

biotrendies.com Open in urlscan Pro
2606:4700:3030::ac43:ac5b Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

82 %
HTTPS

36 %
IPv6

65
Domains

98
Subdomains

73
IPs

7
Countries

2522 kB
Transfer

7212 kB
Size

28
Cookies

217 HTTP transactions
3 data transactions